Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
IBM Security Key Lifecycle Manager 2.5, 2.6, 2.7, and 3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 148423.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security Key Lifecycle Manager 路径遍历漏洞
Vulnerability Description
IBM Security Key Lifecycle Manager(前称Tivoli Key Lifecycle Manager)是美国IBM公司的一套密钥生命周期管理软件。该软件为存储设备提供密钥存储、密钥维护和密钥生命周期管理等功能。 IBM Security Key Lifecycle Manager中存在路径遍历漏洞。远程攻击者可通过发送含有“..”序列的特制URL请求利用该漏洞查看系统上的任意文件。以下版本受到影响:IBM Security Key Lifecycle Manager 2.5版
CVSS Information
N/A
Vulnerability Type
N/A