Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identity manager vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2021-1306
A vulnerability in the restricted shell of Cisco Evolved Programmable Network (EPN) Manager, Cisco Identity Services Engine (ISE), and Cisco Prime Infrastructure could allow an authenticated, local malicious user to identify directories and write arbitrary files to the file syste...
Cisco Identity Services Engine 2.7.0
Cisco Identity Services Engine 3.0.0
Cisco Identity Services Engine
Cisco Evolved Programmable Network Manager
Cisco Prime Infrastructure 3.8.1
Cisco Prime Infrastructure
5
CVSSv2
CVE-2021-29687
IBM Security Identity Manager 7.0.2 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 200018
Ibm Security Identity Manager 6.0.2
5
CVSSv2
CVE-2021-29691
IBM Security Identity Manager 7.0.2 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 200252.
Ibm Security Identity Manager 7.0.2
5
CVSSv2
CVE-2021-29682
IBM Security Identity Manager 7.0.2 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 199997
Ibm Security Identity Manager 7.0.2
4
CVSSv2
CVE-2021-29683
IBM Security Identity Manager 7.0.2 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 199998.
Ibm Security Identity Manager 7.0.2
6.5
CVSSv2
CVE-2021-29686
IBM Security Identity Manager 7.0.2 could allow an authenticated user to bypass security and perform actions that they should not have access to. IBM X-Force ID: 200015
Ibm Security Identity Manager 7.0.2
5
CVSSv2
CVE-2021-29688
IBM Security Identity Manager 7.0.2 could allow a remote malicious user to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 200102.
Ibm Security Identity Manager 6.0.2
Ibm Security Identity Manager 7.0.2
4.3
CVSSv2
CVE-2021-29692
IBM Security Identity Manager 7.0.2 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle t...
Ibm Security Identity Manager 7.0.2
4.3
CVSSv2
CVE-2020-17453
WSO2 Management Console up to and including 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.
Wso2 Identity Server As Key Manager 5.7.0
Wso2 Enterprise Integrator
Wso2 Api Microgateway 2.2.0
Wso2 Identity Server
Wso2 Api Manager Analytics 2.2.0
Wso2 Api Manager Analytics 2.5.0
Wso2 Identity Server Analytics 5.5.0
Wso2 Identity Server As Key Manager 5.5.0
Wso2 Micro Integrator 1.0.0
Wso2 Identity Server Analytics 5.4.1
Wso2 Identity Server Analytics 5.6.0
Wso2 Identity Server Analytics 5.4.0
Wso2 Identity Server As Key Manager 5.6.0
Wso2 Identity Server As Key Manager 5.9.0
Wso2 Identity Server As Key Manager 5.10.0
Wso2 Api Manager Analytics 2.6.0
Wso2 Api Manager
2 Github repositories
9
CVSSv2
CVE-2021-22112
Spring Security 5.4.x before 5.4.4, 5.3.x before 5.3.8.RELEASE, 5.2.x before 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programm...
Vmware Spring Security
Pivotal Software Spring Security
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Communications Unified Inventory Management 7.4.1
Oracle Insurance Policy Administration 11.3.0
Oracle Insurance Policy Administration 11.2.0
Oracle Communications Element Manager
Oracle Mysql Enterprise Monitor
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »