Search
Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-20439 | 1 Ibm | 2 Security Access Manager, Security Verify Access | 2021-07-31 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user. | |||||
| CVE-2019-4036 | 1 Ibm | 1 Security Access Manager | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Access Manager Appliance could allow unauthenticated attacker to cause a denial of service in the reverse proxy component. IBM X-Force ID: 156159. | |||||
| CVE-2019-4135 | 1 Ibm | 1 Security Access Manager | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331. | |||||
| CVE-2019-4145 | 1 Ibm | 1 Security Access Manager | 2020-08-24 | 3.6 LOW | 7.1 HIGH |
| IBM Security Access Manager 9.0.1 through 9.0.6 could reveal highly sensitive in specialized conditions to a local user which could be used in further attacks against the system. IBM X-Force ID: 158400. | |||||
| CVE-2019-4707 | 1 Ibm | 1 Security Access Manager | 2020-01-31 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 172018. | |||||
| CVE-2018-1970 | 1 Ibm | 1 Security Access Manager | 2019-10-09 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 153751. | |||||
| CVE-2018-1814 | 1 Ibm | 1 Security Access Manager | 2019-10-09 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 150018. | |||||
| CVE-2018-1850 | 1 Ibm | 1 Security Access Manager | 2019-10-09 | 8.5 HIGH | 7.5 HIGH |
| IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998. | |||||
| CVE-2018-1887 | 1 Ibm | 1 Security Access Manager | 2019-10-09 | 4.6 MEDIUM | 7.8 HIGH |
| IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 152078. | |||||
| CVE-2016-3025 | 1 Ibm | 2 Security Access Manager, Security Access Manager For Mobile | 2016-11-28 | 5.0 MEDIUM | 8.1 HIGH |
| IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. | |||||