CVE-2019-4566

Description

IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 166627.

CVSS breakdown

CVSS 3.0

User Interaction

None

Attack Complexity

Low

Scope

Unchanged

Availability

None

Attack Vector

Local

Privileges Required

None

Integrity

None

Confidentiality

High

Changed

Unchanged

Affected products

ibm / Security Key Lifecycle Manager3.0 – 3.0
ibm / Security Key Lifecycle Manager3.0.1 – 3.0.1

References

MISChttps://www.ibm.com/support/pages/node/1074344
MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/166627