Vulnerability Description
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 247632.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Security Guardium Key Lifecycle Manager | >= 3.0.0, < 4.1.1.7 |
| Ibm | Aix | - |
| Linux | Linux Kernel | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/247632VDB Entry
- https://www.ibm.com/support/pages/node/6964516PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/247632VDB Entry
- https://www.ibm.com/support/pages/node/6964516PatchVendor Advisory
FAQ
What is CVE-2023-25925?
CVE-2023-25925 is a vulnerability with a CVSS score of 8.5 (HIGH). IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted reque...
How severe is CVE-2023-25925?
CVE-2023-25925 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-25925?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Guardium Key Lifecycle Manager, Ibm Aix, Linux Linux Kernel, Microsoft Windows.