IBM Security Bulletin: IBM Security Key Lifecycle Manager Misses Authentication for Critical Function (CVE-2018-1745)
Oct 6, 2018 9:00 am EDT
Categorized: High Severity
Share this post:
IBM Security Key Lifecycle Manager could allow an unauthenticated user to restart the SKLM server due to missing authentication.
CVE(s): CVE-2018-1745
Affected product(s) and affected version(s):
IBM Security Key Lifecycle Manager: v2.7 – 2.7.0.3
IBM Security Key Lifecycle Manager: v3.0- 3.0.0.1
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10733355
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/148424
from IBM Product Security Incident Response Team https://ift.tt/2IG8OqT