Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe

Filtered by product Security Access Manager For Mobile

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-3046	1 Ibm	5 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile, Security Access Manager For Mobile Appliance and 2 more	2020-10-27	4.0 MEDIUM	2.7 LOW
IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end database.
CVE-2016-3045	1 Ibm	3 Security Access Manager, Security Access Manager For Mobile, Security Access Manager For Web	2017-02-09	4.3 MEDIUM	3.7 LOW
IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer header or browser history.