CVE-2023-25921

IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. IBM X-Force ID: 247620.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*
OR cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

13 Dec 2024, 20:53

Type Values Removed Values Added
CPE cpe:2.3:a:ibm:security_guardium_key_lifecycle_manager:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/247620 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/247620 - VDB Entry
References () https://www.ibm.com/support/pages/node/6964516 - () https://www.ibm.com/support/pages/node/6964516 - Patch, Vendor Advisory
First Time Ibm aix
Ibm
Linux linux Kernel
Microsoft windows
Ibm security Guardium Key Lifecycle Manager
Microsoft
Linux

Information

Published : 2024-02-29 01:38

Updated : 2024-12-13 20:53


NVD link : CVE-2023-25921

Mitre link : CVE-2023-25921

CVE.ORG link : CVE-2023-25921


JSON object : View

Products Affected

microsoft

  • windows

linux

  • linux_kernel

ibm

  • aix
  • security_guardium_key_lifecycle_manager
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type