Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
access manager vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-13497
One Identity Cloud Access Manager prior to 8.1.4 Hotfix 1 allows CSRF for logout requests.
Oneidentity Cloud Access Manager 8.1.4
Oneidentity Cloud Access Manager
1 Github repository
6.1
CVSSv3
CVE-2016-9257
In F5 BIG-IP APM 12.0.0 up to and including 12.1.2, non-authenticated users may be able to inject JavaScript into a request that will then be rendered and executed in the context of the Administrative user when the Administrative user is viewing the Access System Logs, allowing t...
F5 Big-ip Access Policy Manager 12.1.2
F5 Big-ip Access Policy Manager 12.1.0
F5 Big-ip Access Policy Manager 12.0.0
F5 Big-ip Access Policy Manager 12.1.1
NA
CVE-2014-3073
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote malicious users to execute arbitrary code via unknown vectors.
Ibm Security Access Manager For Mobile Software 8.0
Ibm Security Access Manager For Web Appliance 8.0
Ibm Security Access Manager For Web Software 7.0
Ibm Security Access Manager For Web Appliance 7.0
Ibm Security Access Manager For Web Software 8.0
Ibm Security Access Manager For Mobile Appliance 8.0
6.1
CVSSv3
CVE-2015-8531
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 prior to 8.0.1.3 IF4 and 9.0 prior to 9.0.0.1 IF1 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Ibm Security Access Manager 9.0 Firmware 9.0.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
NA
CVE-2014-0646
The runtime WS component in the server in EMC RSA Access Manager 6.1.3 prior to 6.1.3.39, 6.1.4 prior to 6.1.4.22, 6.2.0 prior to 6.2.0.11, and 6.2.1 prior to 6.2.1.03, when INFO logging is enabled, allows local users to discover cleartext passwords by reading log files.
Emc Rsa Access Manager 6.2
Emc Rsa Access Manager 6.1
10
CVSSv3
CVE-2018-1722
IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.
Ibm Security Access Manager 9.0.4.0
Ibm Security Access Manager 9.0.5.0
NA
CVE-2009-2713
The CDCServlet component in Sun Java System Access Manager 7.0 2005Q4 and 7.1, when Cross Domain Single Sign On (CDSSO) is enabled, does not ensure that "policy advice" is presented to the correct client, which allows remote malicious users to obtain sensitive informati...
Sun Java System Access Manager 7 2005q4
Sun Java System Access Manager 7.1
Sun Java System Access Manager 6.3 2005q1
Sun Java System Access Manager 7.0 2005q4
Sun Java System Web Server 7.0
NA
CVE-2015-1892
The Multicast DNS (mDNS) responder in IBM Security Access Manager for Web 7.x prior to 7.0.0 FP12 and 8.x prior to 8.0.1 FP1 inadvertently responds to unicast queries with source addresses that are not link-local, which allows remote malicious users to cause a denial of service (...
Ibm Security Access Manager For Web 7.0 Firmware
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.2
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.3
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.4
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.5
Ibm Security Access Manager For Web 8.0 Firmware 8.0.1.0
Ibm Security Access Manager For Web 8.0 Firmware 8.0.0.1
5.9
CVSSv3
CVE-2016-3686
The Single Sign-On (SSO) feature in F5 BIG-IP APM 11.x prior to 11.6.0 HF6 and BIG-IP Edge Gateway 11.0.0 up to and including 11.3.0 might allow remote malicious users to obtain sensitive SessionId information by leveraging access to the Location HTTP header in a redirect.
F5 Big-ip Edge Gateway 11.3.0
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Edge Gateway 11.2.0
F5 Big-ip Edge Gateway 11.1.0
F5 Big-ip Edge Gateway 11.0.0
F5 Big-ip Access Policy Manager 11.5.4
F5 Big-ip Access Policy Manager 11.5.3
F5 Big-ip Access Policy Manager 11.4.0
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Access Policy Manager 11.6.0
F5 Big-ip Access Policy Manager 11.3.0
F5 Big-ip Access Policy Manager 11.2.0
F5 Big-ip Access Policy Manager 11.1.0
F5 Big-ip Access Policy Manager 11.0.0
F5 Big-ip Access Policy Manager 11.5.2
F5 Big-ip Access Policy Manager 11.5.1
F5 Big-ip Access Policy Manager 11.5.0
F5 Big-ip Access Policy Manager 11.4.1
NA
CVE-2014-6080
SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x prior to 8.0.1 and Security Access Manager for Web 7.x prior to 7.0.0 FP10 and 8.x prior to 8.0.1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Ibm Security Access Manager For Mobile 8.0
Ibm Security Access Manager For Web 7.0
Ibm Security Access Manager For Web 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »