Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security access manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-4725
IBM Security Access Manager Appliance 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X...
Ibm Security Access Manager
3.5
CVSSv2
CVE-2019-4153
IBM Security Access Manager 9.0.1 up to and including 9.0.6 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof th...
Ibm Security Access Manager
5
CVSSv2
CVE-2019-4036
IBM Security Access Manager Appliance could allow unauthenticated malicious user to cause a denial of service in the reverse proxy component. IBM X-Force ID: 156159.
Ibm Security Access Manager
6.5
CVSSv2
CVE-2019-4135
IBM Security Access Manager 9.0.1 up to and including 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331.
Ibm Security Access Manager
4.3
CVSSv2
CVE-2019-4151
IBM Security Access Manager 9.0.1 up to and including 9.0.6 uses weaker than expected cryptographic algorithms that could allow an malicious user to decrypt highly sensitive information. IBM X-Force ID: 158512.
Ibm Security Access Manager
4.3
CVSSv2
CVE-2019-4157
IBM Security Access Manager 9.0.1 up to and including 9.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trus...
Ibm Security Access Manager
5.5
CVSSv2
CVE-2019-4158
IBM Security Access Manager 9.0.1 up to and including 9.0.6 does not prove that a user's identity is correct which can lead to the exposure of resources or functionality to unintended actors. IBM X-Force ID: 158574.
Ibm Security Access Manager
4.3
CVSSv2
CVE-2018-1804
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not set the secure attribute on authorization tokens or session cookies. This could allow an malicious user to obtain sensitive information using man in the middle techniques. IBM X-Force I...
Ibm Security Access Manager
4
CVSSv2
CVE-2018-1805
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 149704.
Ibm Security Access Manager
4.6
CVSSv2
CVE-2018-1887
IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of intern...
Ibm Security Access Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »