CVE-2016-6093

critical

Description

IBM Tivoli Key Lifecycle Manager does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/118172

http://www.securityfocus.com/bid/95985

http://www.ibm.com/support/docview.wss?uid=swg21997956

Details

Source: Mitre, NVD

Published: 2017-06-08

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00365