SymmetricalDataSecurity: IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by exposure of sensitive information in the error message it generates (CVE-2016-6094)

Thursday, February 2, 2017

IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by exposure of sensitive information in the error message it generates (CVE-2016-6094)

IBM Security Key Lifecycle Manager generates an error message that includes sensitive information about its environment, users, or associated data.

CVE(s): CVE-2016-6094

Affected product(s) and affected version(s):

IBM Tivoli Key Lifecycle Manager: v2.0.1 – 2.0.1.8

IBM Security Key Lifecycle Manager: v2.5 – 2.5.0.7

IBM Security Key Lifecycle Manager v2.6 – 2.6.0.2

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2kwcQrz
X-Force Database: http://ift.tt/2l0ru7K

from IBM Product Security Incident Response Team http://ift.tt/2kw7wVj

SymmetricalDataSecurity

Thursday, February 2, 2017

IBM Security Bulletin: IBM Security Key Lifecycle Manager is affected by exposure of sensitive information in the error message it generates (CVE-2016-6094)

No comments:

Post a Comment

Blog Archive

Search This Blog

Total Pageviews