Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access manager vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-0302
In F5 BIG-IP APM 12.0.0 up to and including 12.1.2 and 13.0.0, an authenticated user with an established access session to the BIG-IP APM system may be able to cause a traffic disruption if the length of the requested URL is less than 16 characters.
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager 12.1.1
F5 Big-ip Access Policy Manager 12.1.2
8.5
CVSSv2
CVE-2015-5018
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 prior to 8.0.1.3 IF3, and Security Access Manager 9.0 prior to 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.3
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.13
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.3
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.10
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.15
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.14
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
5
CVSSv2
CVE-2011-0494
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 prior to 5.1.0.39-TIV-AWS-IF0040, 6.0 prior to 6.0.0.25-TIV-AWS-IF0026, 6.1.0 prior to 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 prior to 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack ve...
Ibm Tivoli Access Manager For E-business 6.0.0.17
Ibm Tivoli Access Manager For E-business 6.0.0.23
Ibm Tivoli Access Manager For E-business 6.1.0
Ibm Tivoli Access Manager For E-business 6.1.0.3
Ibm Tivoli Access Manager For E-business 5.1
Ibm Tivoli Access Manager For E-business 6.0.0
Ibm Tivoli Access Manager For E-business 5.1.0.10
Ibm Tivoli Access Manager For E-business 6.1.0.4
Ibm Tivoli Access Manager For E-business 6.1.1
NA
CVE-2023-43124
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 17.1.0
F5 Big-ip Access Policy Manager 13.1.5.1
F5 Big-ip Access Policy Manager Client
NA
CVE-2023-43125
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 17.1.0
F5 Big-ip Access Policy Manager 13.1.5.1
F5 Big-ip Access Policy Manager Client
5
CVSSv2
CVE-2009-0348
The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames.
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
1 EDB exploit
4.3
CVSSv2
CVE-2008-1204
Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.
Sun Java System Access Manager 7.0 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0
6
CVSSv2
CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Access Manager 6.3
5
CVSSv2
CVE-2015-5012
The SSH implementation on IBM Security Access Manager for Web appliances 7.0 prior to 7.0.0 FP19, 8.0 prior to 8.0.1.3 IF3, and 9.0 prior to 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote malicious users to defeat cryptographic ...
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.10
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.18
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.2
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.4
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.14
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1
4.3
CVSSv2
CVE-2019-13496
One Identity Cloud Access Manager prior to 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response.
Oneidentity Cloud Access Manager
Oneidentity Cloud Access Manager 8.1.4
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »