CVE-2020-4569
First published: Wed Jul 29 2020(Updated: )
IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism. IBM X-Force ID: 184158.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Security Key Lifecycle Manager | =3.0.1 | |
| Ibm Security Key Lifecycle Manager | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-4569?
The severity of CVE-2020-4569 is medium with a CVSS score of 6.5.
Which versions of IBM Tivoli Key Lifecycle Manager are affected by CVE-2020-4569?
IBM Tivoli Key Lifecycle Manager versions 3.0.1 and 4.0 are affected by CVE-2020-4569.
What is the protection mechanism used by IBM Tivoli Key Lifecycle Manager?
IBM Tivoli Key Lifecycle Manager uses a protection mechanism that relies on the existence or values of an input.
How can an untrusted actor bypass the protection mechanism in IBM Tivoli Key Lifecycle Manager?
An untrusted actor can modify the input in a way that bypasses the protection mechanism in IBM Tivoli Key Lifecycle Manager.
Where can I find more information about CVE-2020-4569?
You can find more information about CVE-2020-4569 on the IBM X-Force website and the IBM support page.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/remedy
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm security key lifecycle manager
- version/ibm security key lifecycle manager/3.0.1
- version/ibm security key lifecycle manager/4.0