CVE-2021-38979

Published: 15/11/2021 Updated: 12/07/2022

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of the input. IBM X-Force ID: 212785.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm security guardium key lifecycle manager 4.1.0
ibm security guardium key lifecycle manager 4.1.0.1
ibm security guardium key lifecycle manager 4.1.1
ibm security key lifecycle manager
ibm security key lifecycle manager 4.1.0
ibm security key lifecycle manager 4.1.0.1
ibm security key lifecycle manager 4.1.1

CWE-916 https://exchange.xforce.ibmcloud.com/vulnerabilities/212785 https://www.ibm.com/support/pages/node/6516034 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-38979

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect