Vulnerability Description
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive information in error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 134869.
CVSS Score
4.3
MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Security Key Lifecycle Manager | 2.5.0.0 |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=swg22012012Vendor Advisory
- http://www.securityfocus.com/bid/102432Issue TrackingThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/134869VDB EntryVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg22012012Vendor Advisory
- http://www.securityfocus.com/bid/102432Issue TrackingThird Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/134869VDB EntryVendor Advisory
FAQ
What is CVE-2017-1727?
CVE-2017-1727 is a vulnerability with a CVSS score of 4.3 (MEDIUM). IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive information in error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 134869.
How severe is CVE-2017-1727?
CVE-2017-1727 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-1727?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Key Lifecycle Manager.