Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
forgerock access management 7.0.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-0582
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass. This issue affects access management: prior to 7.3.0, prior to 7.2.1, prior to 7.1.4, up to and including 7.0.2.
9.8
CVSSv3
CVE-2021-4201
Missing access control in ForgeRock Access Management 7.1.0 and previous versions versions on all platforms allows remote unauthenticated malicious users to hijack sessions, including potentially admin-level sessions. This issue affects: ForgeRock Access Management 7.1 versions b...
Forgerock Access Management 5.5.2
Forgerock Access Management 6.5.0
Forgerock Access Management 6.5.0.1
Forgerock Access Management 6.5.0.2
Forgerock Access Management 6.5.1
Forgerock Access Management 6.0.0
Forgerock Access Management 6.0.0.1
Forgerock Access Management 6.0.0.2
Forgerock Access Management 6.0.0.3
Forgerock Access Management 6.0.0.4
Forgerock Access Management 6.0.0.6
Forgerock Access Management 6.0.0.7
Forgerock Access Management 6.5.2.1
Forgerock Access Management 6.5.2.2
Forgerock Access Management 6.5.2.3
Forgerock Access Management 6.5.3
Forgerock Access Management 7.0.0
Forgerock Access Management 7.0.1
Forgerock Access Management 7.0.2
Forgerock Access Management 7.1.0
9.8
CVSSv3
CVE-2021-37153
ForgeRock Access Management (AM) prior to 7.0.2, when configured with Active Directory as the Identity Store, has an authentication-bypass issue.
Forgerock Access Management
9.8
CVSSv3
CVE-2021-37154
In ForgeRock Access Management (AM) prior to 7.0.2, the SAML2 implementation allows XML injection, potentially enabling a fraudulent SAML 2.0 assertion.
Forgerock Access Management
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started