CVE-2016-6102
Description
IBM Tivoli Key Lifecycle Manager 2.5 and 2.6 stores sensitive information in URL parameters, leading to potential information disclosure via logs, referrer headers, or browser history.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
IBM Security Key Lifecycle Manager versions 2.5 to 2.5.0.7 and 2.6 to 2.6.0.2 store sensitive information in URL parameters. This occurs when SSL requests include query parameters that may contain sensitive data, such as authentication tokens or keys. Because the information is carried in the URL, it can be exposed through server logs, referrer headers, or browser history [1].
Exploitation
An attacker with access to server logs, referrer headers, or browser history can retrieve the sensitive information stored in URL parameters. No authentication is required, but the attacker must have access to these sources. The attack complexity is high because the attacker needs to obtain the URLs through one of these channels [1].
Impact
Successful exploitation leads to information disclosure of sensitive data contained in URL parameters, such as cryptographic keys or credentials. The confidentiality impact is low, as the attacker may only obtain partial information [1].
Mitigation
IBM has not provided a specific fix in this bulletin. The workarounds and mitigations section states "None" [1]. Affected versions include 2.5.0.0 to 2.5.0.7 and 2.6.0.0 to 2.6.0.2. Users should monitor for updates from IBM. No KEV listing.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: 2.5, 2.6
- IBM Corporation/Key Lifecycle Manager v5 Range: 2.5
Patches
No patches discovered yet.
References
- www.ibm.com/support/docview.wss (nvd; Patch, Vendor Advisory)
- www.securityfocus.com/bid/96976 (nvd; Third Party Advisory, VDB Entry)
- www.securitytracker.com/id/1038093 (nvd)