CVE-2016-6105

Summary

IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 do not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas.

Affected Software

VendorProductVersion RangeStatus
IBM CorporationKey Lifecycle Manager2.5affected
IBM CorporationKey Lifecycle Manager1.0affected
IBM CorporationKey Lifecycle Manager2.0affected
IBM CorporationKey Lifecycle Manager2.0.1affected
IBM CorporationKey Lifecycle Manager2.6affected

Weaknesses

  • Bypass Security

ADP Enrichment

CVE Program Container

Additional References

References