1. CVE-Search
  2. CVE-2016-6093
ID CVE-2016-6093
Summary IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.5.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:security_key_lifecycle_manager:2.6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.6:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.8:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_key_lifecycle_manager:2.0.1.8:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 13-06-2017 - 19:16)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 95985
confirm http://www.ibm.com/support/docview.wss?uid=swg21997956
misc https://exchange.xforce.ibmcloud.com/vulnerabilities/118172
Last major update 13-06-2017 - 19:16
Published 08-06-2017 - 21:29
Last modified 13-06-2017 - 19:16
Back to Top