CVE-2020-4573
First published: Wed Jul 29 2020(Updated: )
IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose sensitive information due to responding to unauthenticated HTTP requests. IBM X-Force ID: 184180.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Security Key Lifecycle Manager | =3.0.1 | |
| Ibm Security Key Lifecycle Manager | =4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-4573?
CVE-2020-4573 is a vulnerability in IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 that could disclose sensitive information due to responding to unauthenticated HTTP requests.
What is the severity of CVE-2020-4573?
The severity of CVE-2020-4573 is medium with a CVSS score of 5.3.
How does CVE-2020-4573 affect IBM Tivoli Key Lifecycle Manager?
CVE-2020-4573 affects IBM Tivoli Key Lifecycle Manager versions 3.0.1 and 4.0.
How can the sensitive information disclosure vulnerability be exploited?
The sensitive information disclosure vulnerability in CVE-2020-4573 can be exploited by sending unauthenticated HTTP requests to the affected IBM Tivoli Key Lifecycle Manager.
Is there a fix available for CVE-2020-4573?
Yes, IBM has provided a fix for this vulnerability. Please refer to the IBM support page for further instructions.
- collector/nvd-index
- vendor/ibm
- canonical/ibm security key lifecycle manager
- version/ibm security key lifecycle manager/3.0.1
- version/ibm security key lifecycle manager/4.0