IBM Security Bulletin: IBM Security Key Lifecycle Manager is vulnerable to Incorrect Permission Assignment for Critical Resource (CVE-2018-1750)

Oct 5, 2018 9:01 am EDT

Categorized: Medium Severity

Share this post:

IBM Security Key Lifecycle Manager specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

CVE(s): CVE-2018-1750

Affected product(s) and affected version(s):

IBM Security Key Lifecycle Manager: v3.0- 3.0.0.1

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10733311
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148511

from IBM Product Security Incident Response Team https://ift.tt/2IFdahO