CVE-2021-38976
https://notcve.org/view.php?id=CVE-2021-38976
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 stores user credentials in plain clear text which can be read by a local user. X-Force ID: 212781. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1, almacena las credenciales de usuario en texto sin cifrar que puede ser leído por un usuario local. IBM X-Force ID: 212781 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212781 https://www.ibm.com/support/pages/node/6516038 • CWE-522: Insufficiently Protected Credentials •
CVE-2021-38975
https://notcve.org/view.php?id=CVE-2021-38975
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 212780. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1 podría permitir a un usuario autenticado obtener información confidencial a partir de una petición HTTP especialmente diseñada. IBM X-Force ID: 212780 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212780 https://www.ibm.com/support/pages/node/6516044 •
CVE-2021-38974
https://notcve.org/view.php?id=CVE-2021-38974
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow an authenticated user to cause a denial of service using specially crafted HTTP requests. IBM X-Force ID: 212779. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1, podría permitir a un usuario autenticado causar una denegación de servicio mediante peticiones HTTP especialmente diseñadas. IBM X-Force ID: 212779 • https://exchange.xforce.ibmcloud.com/vulnerabilities/212779 https://www.ibm.com/support/pages/node/6516046 •
CVE-2021-38985
https://notcve.org/view.php?id=CVE-2021-38985
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1, recibe entradas o datos, pero no comprueba o comprueba incorrectamente que la entrada presenta las propiedades necesarias para procesar los datos de forma segura y correcta • https://exchange.xforce.ibmcloud.com/vulnerabilities/212799 https://www.ibm.com/support/pages/node/6515526 • CWE-20: Improper Input Validation •
CVE-2021-38973
https://notcve.org/view.php?id=CVE-2021-38973
IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. IBM Tivoli Key Lifecycle Manager versiones 3.0, 3.0.1, 4.0 y 4.1, recibe entradas o datos, pero no comprueba o comprueba incorrectamente que la entrada presenta las propiedades necesarias para procesar los datos de forma segura y correcta • https://exchange.xforce.ibmcloud.com/vulnerabilities/212778 https://www.ibm.com/support/pages/node/6515528 • CWE-20: Improper Input Validation •