Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
privileged access manager vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2015-4664
An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and previous versions allows remote malicious users to execute arbitrary commands.
Broadcom Privileged Access Manager
Xceedium Xsuite 2.3.0
Xceedium Xsuite 2.4.3.0
1 EDB exploit
5.3
CVSSv3
CVE-2016-5959
IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 116136.
Ibm Security Privileged Identity Manager 2.0.2
Ibm Security Privileged Identity Manager 2.1
9.8
CVSSv3
CVE-2018-1343
PAM exposure enabling unauthenticated access to remote host
Netiq Privileged Account Manager
8.6
CVSSv3
CVE-2017-1483
IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 128621.
Ibm Security Privileged Identity Manager 2.0.2
Ibm Security Identity Manager 6.0.0.0
Ibm Security Privileged Identity Manager 2.0.1
Ibm Security Identity Manager 7.0.0.0
Ibm Security Identity Governance And Intelligence 5.2
Ibm Security Identity Governance And Intelligence 5.2.1
Ibm Security Privileged Identity Manager 2.0
4.6
CVSSv3
CVE-2020-2740
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to c...
Oracle Access Manager 11.1.2.3.0
Oracle Access Manager 12.2.1.3.0
7
CVSSv3
CVE-2018-15332
The svpn component of the F5 BIG-IP APM client prior to version 7.1.7.2 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host in a race condition.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 14.0.0
F5 Big-ip Access Policy Manager Client
5.4
CVSSv3
CVE-2020-2747
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise O...
Oracle Access Manager 11.1.2.3.0
Oracle Access Manager 12.2.1.3.0
7.8
CVSSv3
CVE-2018-5546
The svpn and policyserver components of the F5 BIG-IP APM client prior to version 7.1.7.1 for Linux and macOS runs as a privileged process and can allow an unprivileged user to get ownership of files owned by root on the local client host. A malicious local unprivileged user may ...
F5 Big-ip Access Policy Manager Client
F5 Big-ip Access Policy Manager
4.4
CVSSv3
CVE-2023-21859
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ...
Oracle Access Manager 12.2.1.4.0
4.9
CVSSv3
CVE-2021-2358
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Rest interfaces for Access Mgr). The supported version that is affected is 11.1.2.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to comp...
Oracle Access Manager 11.1.2.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »