Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2013-5976
Cross-site scripting (XSS) vulnerability in the access policy logout page (logout.inc) in F5 BIG-IP APM 10.1.0 up to and including 10.2.4 and 11.1.0 up to and including 11.3.0 allows remote malicious users to inject arbitrary web script or HTML via the LastMRH_Session cookie.
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 10.1.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 10.2.4
F5 Big-ip Access Policy Manager 11.0.0
8.5
CVSSv2
CVE-2015-5018
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 prior to 8.0.1.3 IF3, and Security Access Manager 9.0 prior to 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.3
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.13
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.3
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.10
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.15
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.14
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
5
CVSSv2
CVE-2011-0494
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 prior to 5.1.0.39-TIV-AWS-IF0040, 6.0 prior to 6.0.0.25-TIV-AWS-IF0026, 6.1.0 prior to 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 prior to 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack ve...
Ibm Tivoli Access Manager For E-business 6.0.0.17
Ibm Tivoli Access Manager For E-business 6.0.0.23
Ibm Tivoli Access Manager For E-business 6.1.0
Ibm Tivoli Access Manager For E-business 6.1.0.3
Ibm Tivoli Access Manager For E-business 5.1
Ibm Tivoli Access Manager For E-business 6.0.0
Ibm Tivoli Access Manager For E-business 5.1.0.10
Ibm Tivoli Access Manager For E-business 6.1.0.4
Ibm Tivoli Access Manager For E-business 6.1.1
NA
CVE-2023-43124
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 17.1.0
F5 Big-ip Access Policy Manager 13.1.5.1
F5 Big-ip Access Policy Manager Client
NA
CVE-2023-43125
BIG-IP APM clients may send IP traffic outside of the VPN tunnel. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager 17.1.0
F5 Big-ip Access Policy Manager 13.1.5.1
F5 Big-ip Access Policy Manager Client
4.3
CVSSv2
CVE-2008-1204
Multiple cross-site scripting (XSS) vulnerabilities in the Administration Console in Sun Java System Access Manager 7.1 and 7 2005Q4 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to the (1) Help and (2) Version windows.
Sun Java System Access Manager 7.0 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0
6
CVSSv2
CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console.
Sun Java System Access Manager 7.1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Access Manager 6.3
5
CVSSv2
CVE-2009-0348
The login module in Sun Java System Access Manager 6 2005Q1 (aka 6.3), 7 2005Q4 (aka 7.0), and 7.1 responds differently to a failed login attempt depending on whether the user account exists, which allows remote malicious users to enumerate valid usernames.
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
1 EDB exploit
5
CVSSv2
CVE-2015-5012
The SSH implementation on IBM Security Access Manager for Web appliances 7.0 prior to 7.0.0 FP19, 8.0 prior to 8.0.1.3 IF3, and 9.0 prior to 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote malicious users to defeat cryptographic ...
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.10
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.11
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.12
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.18
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.16
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.5
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.6
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.7
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.8
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.2
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.4
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.9
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.14
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 7.0 Firmware 7.0.0.1
4.3
CVSSv2
CVE-2019-13497
One Identity Cloud Access Manager prior to 8.1.4 Hotfix 1 allows CSRF for logout requests.
Oneidentity Cloud Access Manager 8.1.4
Oneidentity Cloud Access Manager
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »