CVE-2020-4567 HIGH

CVE-2020-4567

Vendor Ibm
Product Security Key Lifecycle Manager
Published July 29, 2020
Last update September 16, 2024

CVSS base score

8.6/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/UI:N/PR:N/S:C/A:N/AC:L/C:H/AV:N/I:N/RL:O/RC:C/E:U

What the vulnerability does

01Description

IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 184156.

Key dates

02Disclosure timeline

July 29, 2020 CVE published
September 16, 2024 Record updated