Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security access manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-4150
IBM Security Access Manager 9.0.1 up to and including 9.0.6 does not validate, or incorrectly validates, a certificate which could allow an malicious user to spoof a trusted entity by using a man-in-the-middle (MITM) attack. IBM X-Force ID: 158510.
Ibm Security Access Manager
4.3
CVSSv2
CVE-2019-4151
IBM Security Access Manager 9.0.1 up to and including 9.0.6 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 158512.
Ibm Security Access Manager
3.6
CVSSv2
CVE-2019-4152
IBM Security Access Manager 9.0.1 up to and including 9.0.6 does not invalidate session tokens in a timely manner. The lack of proper session expiration may allow attackers with local access to login into a closed browser session. IBM X-Force ID: 158515.
Ibm Security Access Manager
3.5
CVSSv2
CVE-2019-4153
IBM Security Access Manager 9.0.1 up to and including 9.0.6 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof th...
Ibm Security Access Manager
4.3
CVSSv2
CVE-2019-4156
IBM Security Access Manager 9.0.1 up to and including 9.0.6 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 158572.
Ibm Security Access Manager
5.5
CVSSv2
CVE-2019-4158
IBM Security Access Manager 9.0.1 up to and including 9.0.6 does not prove that a user's identity is correct which can lead to the exposure of resources or functionality to unintended actors. IBM X-Force ID: 158574.
Ibm Security Access Manager
5
CVSSv2
CVE-2018-1886
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 152021.
Ibm Security Access Manager
4.6
CVSSv2
CVE-2018-1887
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of intern...
Ibm Security Access Manager
5.5
CVSSv2
CVE-2018-1970
IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 153751.
Ibm Security Access Manager
4.3
CVSSv2
CVE-2018-1803
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijac...
Ibm Security Access Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »