Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1443 | 1 Ibm | 2 Security Access Manager, Tivoli Federated Identity Manager | 2019-10-09 | 4.6 MEDIUM | 5.9 MEDIUM |
| An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim users password. IBM X-Force ID: 139754. | |||||
| CVE-2017-1320 | 1 Ibm | 1 Tivoli Federated Identity Manager | 2017-07-08 | 3.5 LOW | 5.4 MEDIUM |
| IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125732. | |||||
| CVE-2015-4959 | 1 Ibm | 1 Tivoli Federated Identity Manager | 2016-12-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP16 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||