IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 247599.
Metrics
Affected Vendors & Products
References
History
Fri, 13 Dec 2024 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Ibm
Ibm aix Ibm security Guardium Key Lifecycle Manager Linux Linux linux Kernel Microsoft Microsoft windows |
|
CPEs | cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:* cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Ibm
Ibm aix Ibm security Guardium Key Lifecycle Manager Linux Linux linux Kernel Microsoft Microsoft windows |
MITRE
Status: PUBLISHED
Assigner: ibm
Published: 2024-02-29T00:27:14.988Z
Updated: 2024-08-02T11:39:05.322Z
Reserved: 2023-02-16T16:39:45.212Z
Link: CVE-2023-25926
Vulnrichment
Updated: 2024-08-02T11:39:05.322Z
NVD
Status : Analyzed
Published: 2024-02-29T01:38:24.377
Modified: 2024-12-13T20:45:41.380
Link: CVE-2023-25926
Redhat
No data.