Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2017-1476
IBM Security Access Manager Appliance 7.0.0, 8.0.0 up to and including 8.0.1.6, and 9.0.0 up to and including 9.0.3.1 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could ex...
Ibm Security Access Manager
Ibm Security Access Manager For Web
Ibm Security Access Manager For Mobile
3.5
CVSSv2
CVE-2016-7467
The TMM SSO plugin in F5 BIG-IP APM 12.0.0 - 12.1.1, 11.6.0 - 11.6.1 HF1, 11.5.4 - 11.5.4 HF2, when configured as a SAML Identity Provider with a Service Provider (SP) connector, might allow traffic to be disrupted or failover initiated when a malformed, signed SAML authenticatio...
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 11.6.1
4
CVSSv2
CVE-2016-3687
Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x prior to 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a bas...
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 11.5.3
F5 Big-ip Access Policy Manager 11.5.2
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.5.0
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.4.1
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Edge Gateway 11.2.1
4.3
CVSSv2
CVE-2016-5756
Multiple components of the web tools in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 prior to 4.2.2 were vulnerable to Reflected Cross Site Scripting attacks which could be used to hijack user sessions: nps/servlet/frameservice, nps/servlet/webacc, roma/admin/cntl, r...
Netiq Access Manager 4.1
Netiq Access Manager 4.2
10
CVSSv2
CVE-2017-14803
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugins on IE11 where an attacker can execute arbitrary code on the system.
Netiq Access Manager 4.3
Netiq Access Manager 4.4
4.3
CVSSv2
CVE-2014-5216
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x prior to 4.0.1 HF3 allow remote malicious users to inject arbitrary web script or HTML via (1) the location parameter in a dev.Empty action to nps/servlet/webacc, (2) the error parameter to nidp...
Microfocus Access Manager 4.0.1
Microfocus Access Manager 4.0
1 EDB exploit
6.5
CVSSv2
CVE-2016-5750
The certificate upload feature in iManager in NetIQ Access Manager 4.1 prior to 4.1.2 Hot Fix 1 and 4.2 prior to 4.2.2 could be used to upload JSP pages that would be executed as the iManager user, allowing code execution by logged-in remote users.
Netiq Access Manager 4.1
Netiq Access Manager 4.2
6.8
CVSSv2
CVE-2018-2879
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via H...
Oracle Access Manager 11.1.2.3.0
Oracle Access Manager 12.2.1.3.0
3 Github repositories
1 Article
4.9
CVSSv2
CVE-2020-2740
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to c...
Oracle Access Manager 11.1.2.3.0
Oracle Access Manager 12.2.1.3.0
4.9
CVSSv2
CVE-2020-2747
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: SSO Engine). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise O...
Oracle Access Manager 11.1.2.3.0
Oracle Access Manager 12.2.1.3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »