Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-13496
One Identity Cloud Access Manager prior to 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response.
Oneidentity Cloud Access Manager
Oneidentity Cloud Access Manager 8.1.4
1 Github repository
4.3
CVSSv2
CVE-2016-9257
In F5 BIG-IP APM 12.0.0 up to and including 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Logs, allowing t...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 12.1.1
10
CVSSv2
CVE-2014-3073
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote malicious users to execute arbitrary code via unknown vectors.
Ibm Security Access Manager For Mobile Software 8.0
Ibm Security Access Manager For Web Appliance 8.0
Ibm Security Access Manager For Web Software 7.0
Ibm Security Access Manager For Web Appliance 7.0
Ibm Security Access Manager For Web Software 8.0
Ibm Security Access Manager For Mobile Appliance 8.0
4.3
CVSSv2
CVE-2015-8531
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 prior to 8.0.1.3 IF4 and 9.0 prior to 9.0.0.1 IF1 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
6.9
CVSSv2
CVE-2014-0646
The runtime WS component in the server in EMC RSA Access Manager 6.1.3 prior to 6.1.3.39, 6.1.4 prior to 6.1.4.22, 6.2.0 prior to 6.2.0.11, and 6.2.1 prior to 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files.
Emc Rsa Access Manager 6.2
Emc Rsa Access Manager 6.1
10
CVSSv2
CVE-2018-1722
IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.
Ibm Security Access Manager 9.0.4.0
Ibm Security Access Manager 9.0.5.0
4.3
CVSSv2
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
5
CVSSv2
CVE-2015-1892
The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x prior to 7.0.0 FP12 and 8.x prior to 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote malicious users to cause a denial of service (...
Ibm Security Access Manager For Web 7.0 Firmware
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.4
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.1
4.3
CVSSv2
CVE-2016-3686
The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x prior to 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 up to and including 11.3.0 might allow remote malicious users to obtain sensitive SessionId information by leveraging access to the Location HTTP header in a redirect.
F5 Big-ip Edge Gateway 11.3.0
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway 11.2.0
F5 Big-ip Edge Gateway 11.1.0
F5 Big-ip Edge Gateway 11.0.0
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 11.5.3
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 11.2.0
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 11.0.0
F5 Big-ip Access Policy Manager 11.5.2
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.5.0
F5 Big-ip Access Policy Manager 11.4.1
4.3
CVSSv2
CVE-2014-6076
IBM Security Access Manager for Mobile 8.x prior to 8.0.1 and Security Access Manager for Web 7.x prior to 7.0.0 FP10 and 8.x prior to 8.0.1 allow remote malicious users to conduct clickjacking attacks via a crafted web site.
Ibm Security Access Manager For Mobile 8.0
Ibm Security Access Manager For Web 7.0
Ibm Security Access Manager For Web 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »