Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
user access manager vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2018-18255
An issue exists in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privi...
Capmon Access Manager
5
CVSSv2
CVE-2021-20439
IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.
Ibm Security Access Manager 9.0
Ibm Security Verify Access 10.0.0
7.5
CVSSv2
CVE-2018-10197
There is a time-based blind SQL injection vulnerability in the Access Manager component prior to 9.18.040 and 10.x prior to 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. The vulnerability exists in the ti...
Elo Access Manager
5
CVSSv2
CVE-2019-19989
An issue exists in Selesta Visual Access Manager (VAM) 4.15.0 up to and including 4.29. Several PHP pages, and other type of files, are reachable by any user without checking for user identity and authorization.
Seling Visual Access Manager
4
CVSSv2
CVE-2020-35934
The Advanced Access Manager plugin prior to 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). This is a security problem if this object stores information that the user is not...
Vasyltech Advanced Access Manager
5
CVSSv2
CVE-2018-9026
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote malicious users to hijack user sessions with a specially crafted request.
Broadcom Privileged Access Manager
NA
CVE-2023-35187
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
Solarwinds Access Rights Manager
4
CVSSv2
CVE-2020-4461
IBM Security Access Manager Appliance 9.0.7.1 could allow an authenticated user to bypass security by allowing id_token claims manipulation without verification. IBM X-Force ID: 181481.
Ibm Security Access Manager
7.2
CVSSv2
CVE-2018-18256
An issue exists in CapMon Access Manager 5.4.1.1005. A regular user can obtain local administrator privileges if they run any whitelisted application through the Custom App Launcher.
Capmon Access Manager 5.4.1.1005
NA
CVE-2023-35184
The SolarWinds Access Rights Manager was susceptible to Remote Code Execution Vulnerability. This vulnerability allows an unauthenticated user to abuse a SolarWinds service resulting in a remote code execution.
Solarwinds Access Rights Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »