Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm security access manager vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2022-22465
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 could allow a local user to obtain elevated privileges due to improper access permissions. IBM X-Force ID: 225082.
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
Ibm Security Verify Access 10.0.0.0
Ibm Security Verify Access 10.0.3.0
5
CVSSv2
CVE-2022-22464
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 225081.
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
Ibm Security Verify Access 10.0.0.0
Ibm Security Verify Access 10.0.3.0
6.4
CVSSv2
CVE-2022-22463
IBM Security Access Manager Appliance 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the malicious user to view, add, modify or delete information in the back-end database...
Ibm Security Verify Access 10.0.1.0
Ibm Security Verify Access 10.0.2.0
Ibm Security Verify Access 10.0.0.0
Ibm Security Verify Access 10.0.3.0
9
CVSSv2
CVE-2017-1453
IBM Security Access Manager Appliance 9.0.3 could allow a remote authenticated malicious user to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force...
Ibm Security Access Manager 9.0 Firmware 9.0.3.0
5.5
CVSSv2
CVE-2017-1477
IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 128612.
Ibm Security Access Manager 9.0 Firmware 9.0.3.0
4.6
CVSSv2
CVE-2018-1443
An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to trick SAML systems into authen...
Ibm Security Access Manager
Ibm Tivoli Federated Identity Manager 6.2.0
Ibm Tivoli Federated Identity Manager 6.2.2
Ibm Tivoli Federated Identity Manager 6.2.1
NA
CVE-2023-31001
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 up to and including 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653.
Ibm Security Verify Access
Ibm Security Verify Access Docker
NA
CVE-2023-31003
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 up to and including 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254658.
Ibm Security Verify Access
Ibm Security Verify Access Docker
NA
CVE-2023-31006
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 up to and including 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 up to and including 10.0.6.1) is vulnerable to a denial of service attacks on the DSC server. IBM X-Force ID: 254776.
Ibm Security Verify Access
Ibm Security Verify Access Docker
NA
CVE-2023-32329
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 up to and including 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 up to and including 10.0.6.1) could allow a user to download files from an incorrect repository due to improper file va...
Ibm Security Verify Access
Ibm Security Verify Access Docker
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »