Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
user access manager vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2018-18255
An issue exists in CapMon Access Manager 5.4.1.1005. The client applications of AccessManagerCoreService.exe communicate with this server through named pipes. A user can initiate communication with the server by creating a named pipe and sending commands to achieve elevated privi...
Capmon Access Manager
445
VMScore
CVE-2021-20439
IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.
Ibm Security Access Manager 9.0
Ibm Security Verify Access 10.0.0
668
VMScore
CVE-2018-10197
There is a time-based blind SQL injection vulnerability in the Access Manager component prior to 9.18.040 and 10.x prior to 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. The vulnerability exists in the ti...
Elo Access Manager
445
VMScore
CVE-2019-19989
An issue exists in Selesta Visual Access Manager (VAM) 4.15.0 up to and including 4.29. Several PHP pages, and other type of files, are reachable by any user without checking for user identity and authorization.
Seling Visual Access Manager
356
VMScore
CVE-2020-35934
The Advanced Access Manager plugin prior to 6.6.2 for WordPress displays the unfiltered user object (including all metadata) upon login via the REST API (aam/v1/authenticate or aam/v2/authenticate). This is a security problem if this object stores information that the user is not...
Vasyltech Advanced Access Manager
445
VMScore
CVE-2018-9026
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote malicious users to hijack user sessions with a specially crafted request.
Broadcom Privileged Access Manager
NA
CVE-2023-35187
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal Remote Code Vulnerability. This vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
Solarwinds Access Rights Manager
356
VMScore
CVE-2020-4461
IBM Security Access Manager Appliance 9.0.7.1 could allow an authenticated user to bypass security by allowing id_token claims manipulation without verification. IBM X-Force ID: 181481.
Ibm Security Access Manager
641
VMScore
CVE-2018-18256
An issue exists in CapMon Access Manager 5.4.1.1005. A regular user can obtain local administrator privileges if they run any whitelisted application through the Custom App Launcher.
Capmon Access Manager 5.4.1.1005
NA
CVE-2024-23476
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
Solarwinds Access Rights Manager
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »