Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
security directory server vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2019-4551
IBM Security Directory Server 6.4.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 165953.
Ibm Security Directory Server
NA
CVE-2012-2203
IBM Global Security Kit (aka GSKit) prior to 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, uses the PKCS #12 file format for certificate objects without enforcing file integrity, which makes it easier for remote malicious us...
Ibm Global Security Kit 7.0.4.28
Ibm Global Security Kit 7.0.4.29
Ibm Global Security Kit
Ibm Tivoli Directory Server
Ibm Rational Directory Server
NA
CVE-2012-2191
IBM Global Security Kit (aka GSKit) prior to 8.0.14.22, as used in IBM Rational Directory Server, IBM Tivoli Directory Server, and other products, does not properly validate data during execution of a protection mechanism against the Vaudenay SSL CBC timing attack, which allows r...
Ibm Rational Directory Server
Ibm Global Security Kit 7.0.4.28
Ibm Global Security Kit 7.0.4.29
Ibm Global Security Kit
Ibm Tivoli Directory Server
9.1
CVSSv3
CVE-2022-33164
IBM Security Directory Server 7.2.0 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system. IBM X-Force ID:...
Ibm Security Directory Server 7.2.0
7.1
CVSSv3
CVE-2019-4539
IBM Security Directory Server 6.4.0 does not properly neutralize special elements that are used in XML, allowing malicious users to modify the syntax, content, or commands of the XML before it is processed by an end system. IBM X-Force ID: 165812.
Ibm Security Directory Server 6.4.0
5.3
CVSSv3
CVE-2019-4549
IBM Security Directory Server 6.4.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 165951.
Ibm Security Directory Server 6.4.0
5.3
CVSSv3
CVE-2019-4563
IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the...
Ibm Security Directory Server 6.4.0.0
5.3
CVSSv3
CVE-2019-4547
IBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 165949.
Ibm Security Directory Server 6.4.0.0
7.5
CVSSv3
CVE-2019-4520
IBM Security Directory Server 6.4.0 uses an inadequate account lockout setting that could allow a remote malicious user to brute force account credentials. IBM X-Force ID: 165178.
Ibm Security Directory Server 6.4.0
8.2
CVSSv3
CVE-2019-4538
IBM Security Directory Server 6.4.0 could allow a remote malicious user to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redir...
Ibm Security Directory Server 6.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »