IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599.
History

Fri, 13 Dec 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Ibm
Ibm aix
Ibm security Guardium Key Lifecycle Manager
Linux
Linux linux Kernel
Microsoft
Microsoft windows
CPEs cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vendors & Products Ibm
Ibm aix
Ibm security Guardium Key Lifecycle Manager
Linux
Linux linux Kernel
Microsoft
Microsoft windows

cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2024-02-29T00:27:14.988Z

Updated: 2024-08-02T11:39:05.322Z

Reserved: 2023-02-16T16:39:45.212Z

Link: CVE-2023-25926

cve-icon Vulnrichment

Updated: 2024-08-02T11:39:05.322Z

cve-icon NVD

Status : Analyzed

Published: 2024-02-29T01:38:24.377

Modified: 2024-12-13T20:45:41.380

Link: CVE-2023-25926

cve-icon Redhat

No data.