CVE-2020-4572

Medium

IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical…

ibm·CWE-209·Published 2020-07-29

CVSS

5.3

EPSS

0.02

KEV

Exploits

cve.orgen

270 chars

IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184179.

NVDen

270 chars

NVDes

293 chars

IBM Tivoli Key Lifecycle Manager versiones 3.0.1 y 4.0, podría permitir a un atacante remoto obtener información confidencial cuando un mensaje de error técnico detallado es devuelto en el navegador. Esta información podría ser usada en nuevos ataques contra el sistema. IBM X-Force ID: 184179

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	cve.org	5.3	—	—	CVSS:3.0/AC:L/A:N/AV:N/I:N/C:L/PR:N/UI:N/S:U/RC:C/RL:O/E:U