Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
identity manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-5117
Open redirect vulnerability in Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
NA
CVE-2008-5118
Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allows remote malicious users to inject frames from arbitrary web sites and conduct phishing attacks via unspecified vectors, related to "frame injection."
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 7.0
5.9
CVSSv3
CVE-2018-1443
An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to trick SAML systems into authen...
Ibm Security Access Manager
Ibm Tivoli Federated Identity Manager 6.2.0
Ibm Tivoli Federated Identity Manager 6.2.2
Ibm Tivoli Federated Identity Manager 6.2.1
6.1
CVSSv3
CVE-2020-17453
WSO2 Management Console up to and including 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.
Wso2 Identity Server As Key Manager 5.7.0
Wso2 Enterprise Integrator
Wso2 Api Microgateway 2.2.0
Wso2 Identity Server
Wso2 Api Manager Analytics 2.2.0
Wso2 Api Manager Analytics 2.5.0
Wso2 Identity Server Analytics 5.5.0
Wso2 Identity Server As Key Manager 5.5.0
Wso2 Micro Integrator 1.0.0
Wso2 Identity Server Analytics 5.4.1
Wso2 Identity Server Analytics 5.6.0
Wso2 Identity Server Analytics 5.4.0
Wso2 Identity Server As Key Manager 5.6.0
Wso2 Identity Server As Key Manager 5.9.0
Wso2 Identity Server As Key Manager 5.10.0
Wso2 Api Manager Analytics 2.6.0
Wso2 Api Manager
2 Github repositories
6.1
CVSSv3
CVE-2021-29864
IBM Security Identity Manager 6.0 and 6.0.2 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed ...
Ibm Security Identity Manager 6.0.0
Ibm Security Identity Manager 6.0.2
NA
CVE-2010-4324
Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 prior to 370D in Novell Identity Manager (aka IDM) allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Novell Identity Manager
Novell Identity Manager Roles Based Provisioning Module
NA
CVE-2010-2337
Open redirect vulnerability in RSA Federated Identity Manager 4.0 prior to 4.0.25 and 4.1 prior to 4.1.26 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via unknown vectors.
Rsa Federated Identity Manager 4.0
Rsa Federated Identity Manager 4.1
4.9
CVSSv3
CVE-2017-1405
IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 127392.
Ibm Security Identity Manager 7.0.1
Ibm Security Identity Manager 7.0
7.8
CVSSv3
CVE-2017-1362
IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.
Ibm Security Identity Manager 7.0
Ibm Security Identity Manager 6.0
8.8
CVSSv3
CVE-2018-1453
IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated malicious user to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055.
Ibm Security Identity Manager 7.0
Ibm Security Identity Manager 7.0.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »