Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identity manager vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-0353
IBM Security Privileged Identity Manager 2.0 prior to 2.0.2 FP8, when Virtual Appliance is used, does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission withi...
Ibm Security Privileged Identity Manager 2.0.2
Ibm Security Privileged Identity Manager 2.0.0
Ibm Security Privileged Identity Manager 2.0.1
4.3
CVSSv2
CVE-2015-1966
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote malicious users to inject arbitrary web s...
Ibm Tivoli Federated Identity Manager 6.2.0
Ibm Tivoli Federated Identity Manager 6.2.1
Ibm Tivoli Federated Identity Manager 6.2.2
4.6
CVSSv2
CVE-2018-1443
An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to trick SAML systems into authen...
Ibm Security Access Manager
Ibm Tivoli Federated Identity Manager 6.2.0
Ibm Tivoli Federated Identity Manager 6.2.2
Ibm Tivoli Federated Identity Manager 6.2.1
4.3
CVSSv2
CVE-2020-17453
WSO2 Management Console up to and including 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.
Wso2 Identity Server As Key Manager 5.7.0
Wso2 Enterprise Integrator
Wso2 Api Microgateway 2.2.0
Wso2 Identity Server
Wso2 Api Manager Analytics 2.2.0
Wso2 Api Manager Analytics 2.5.0
Wso2 Identity Server Analytics 5.5.0
Wso2 Identity Server As Key Manager 5.5.0
Wso2 Micro Integrator 1.0.0
Wso2 Identity Server Analytics 5.4.1
Wso2 Identity Server Analytics 5.6.0
Wso2 Identity Server Analytics 5.4.0
Wso2 Identity Server As Key Manager 5.6.0
Wso2 Identity Server As Key Manager 5.9.0
Wso2 Identity Server As Key Manager 5.10.0
Wso2 Api Manager Analytics 2.6.0
Wso2 Api Manager
2 Github repositories
4.3
CVSSv2
CVE-2010-4324
Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 prior to 370D in Novell Identity Manager (aka IDM) allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Novell Identity Manager
Novell Identity Manager Roles Based Provisioning Module
6
CVSSv2
CVE-2010-2337
Open redirect vulnerability in RSA Federated Identity Manager 4.0 prior to 4.0.25 and 4.1 prior to 4.1.26 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unknown vectors.
Rsa Federated Identity Manager 4.0
Rsa Federated Identity Manager 4.1
6.5
CVSSv2
CVE-2018-1453
IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated malicious user to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055.
Ibm Security Identity Manager 7.0
Ibm Security Identity Manager 7.0.1
4
CVSSv2
CVE-2017-1405
IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 127392.
Ibm Security Identity Manager 7.0.1
Ibm Security Identity Manager 7.0
2.1
CVSSv2
CVE-2017-1362
IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.
Ibm Security Identity Manager 7.0
Ibm Security Identity Manager 6.0
NA
CVE-2021-29864
IBM Security Identity Manager 6.0 and 6.0.2 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed ...
Ibm Security Identity Manager 6.0.0
Ibm Security Identity Manager 6.0.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »