Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-13497
One Identity Cloud Access Manager prior to 8.1.4 Hotfix 1 allows CSRF for logout requests.
Oneidentity Cloud Access Manager 8.1.4
Oneidentity Cloud Access Manager
1 Github repository
4.3
CVSSv2
CVE-2016-9257
In F5 BIG-IP APM 12.0.0 up to and including 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Logs, allowing t...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 12.1.1
10
CVSSv2
CVE-2014-3073
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote malicious users to execute arbitrary code via unknown vectors.
Ibm Security Access Manager For Mobile Software 8.0
Ibm Security Access Manager For Web Appliance 8.0
Ibm Security Access Manager For Web Software 7.0
Ibm Security Access Manager For Web Appliance 7.0
Ibm Security Access Manager For Web Software 8.0
Ibm Security Access Manager For Mobile Appliance 8.0
4.3
CVSSv2
CVE-2015-8531
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 prior to 8.0.1.3 IF4 and 9.0 prior to 9.0.0.1 IF1 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
10
CVSSv2
CVE-2018-1722
IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.
Ibm Security Access Manager 9.0.4.0
Ibm Security Access Manager 9.0.5.0
6.9
CVSSv2
CVE-2014-0646
The runtime WS component in the server in EMC RSA Access Manager 6.1.3 prior to 6.1.3.39, 6.1.4 prior to 6.1.4.22, 6.2.0 prior to 6.2.0.11, and 6.2.1 prior to 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files.
Emc Rsa Access Manager 6.2
Emc Rsa Access Manager 6.1
4.3
CVSSv2
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
5
CVSSv2
CVE-2015-1892
The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x prior to 7.0.0 FP12 and 8.x prior to 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote malicious users to cause a denial of service (...
Ibm Security Access Manager For Web 7.0 Firmware
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.4
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.1
4.3
CVSSv2
CVE-2016-3686
The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x prior to 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 up to and including 11.3.0 might allow remote malicious users to obtain sensitive SessionId information by leveraging access to the Location HTTP header in a redirect.
F5 Big-ip Edge Gateway 11.3.0
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway 11.2.0
F5 Big-ip Edge Gateway 11.1.0
F5 Big-ip Edge Gateway 11.0.0
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 11.5.3
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 11.2.0
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 11.0.0
F5 Big-ip Access Policy Manager 11.5.2
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.5.0
F5 Big-ip Access Policy Manager 11.4.1
6.8
CVSSv2
CVE-2014-6077
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x prior to 8.0.1 and Security Access Manager for Web 7.x prior to 7.0.0 FP10 and 8.x prior to 8.0.1 allows remote malicious users to hijack the authentication of arbitrary users for reques...
Ibm Security Access Manager For Web 7.0
Ibm Security Access Manager For Web 8.0
Ibm Security Access Manager For Mobile 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »