Vulmon
identity manager vulnerabilities and exploits
NA
CVE-2008-0239
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allow remote malicious users to inject arbitrary HTML or web script via the (1) cntry or lang parameters to /idm/login.jsp, (2) resultsForm parameter to /idm/...
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
3 EDB exploits
NA
CVE-2008-0240
/idm/help/index.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote malicious users to inject frames from arbitrary web sites and conduct phishing attacks via the helpUrl parameter, aka "frame injection."
Sun Java System Identity Manager 7.1
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
1 EDB exploit
NA
CVE-2008-0241
Open redirect vulnerability in /idm/user/login.jsp in Sun Java System Identity Manager 6.0 SP1 through SP3, 7.0, and 7.1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the nextPage parameter.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
7.5
CVSSv3
CVE-2017-1319
IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in encrypted session (SSL) cookie. IBM X-Force ID: 125731.
IBM Tivoli Federated Identity Manager 6.2.1
IBM Tivoli Federated Identity Manager 6.2.2
IBM Tivoli Federated Identity Manager 6.2.0
NA
CVE-2015-1966
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote malicious users to inject arbitrary web s...
IBM Tivoli Federated Identity Manager 6.2.0
IBM Tivoli Federated Identity Manager 6.2.1
IBM Tivoli Federated Identity Manager 6.2.2
3.7
CVSSv3
CVE-2016-0353
IBM Security Privileged Identity Manager 2.0 prior to 2.0.2 FP8, when Virtual Appliance is used, does not set the secure flag for the session cookie in an https session, which makes it easier for remote malicious users to capture this cookie by intercepting its transmission withi...
IBM Security Privileged Identity Manager 2.0.2
IBM Security Privileged Identity Manager 2.0.0
IBM Security Privileged Identity Manager 2.0.1
NA
CVE-2008-5115
Cross-site request forgery (CSRF) vulnerability in Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allows remote malicious users to hijack the authentication of administrators for requests that update the password via idm/admin/changeself.jsp.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1
1 EDB exploit
NA
CVE-2014-3097
Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 prior to 6.2.0-TIV-TFIM-IF0015, 6.2.1 prior to 6.2.1-TIV-TFIM-IF0007, and 6.2.2 prior to 6.2.2-TIV-TFIM-IF0011 allows remote malicious users to redirect users to arbitrary web sites and conduct phis...
IBM Tivoli Federated Identity Manager 6.2.2
IBM Tivoli Federated Identity Manager 6.2.0
IBM Tivoli Federated Identity Manager 6.2.1
6.5
CVSSv3
CVE-2016-2996
IBM Security Privileged Identity Manager 2.0 prior to 2.0.2 FP8, when Virtual Appliance is used, allows remote authenticated users to append to arbitrary files via unspecified vectors.
IBM Security Privileged Identity Manager 2.0.1
IBM Security Privileged Identity Manager 2.0.0
IBM Security Privileged Identity Manager 2.0.2
NA
CVE-2008-5114
Multiple cross-site scripting (XSS) vulnerabilities in Sun Java System Identity Manager 6.0 up to and including 6.0 SP4, 7.0, and 7.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sun Java System Identity Manager 6.0
Sun Java System Identity Manager 7.0
Sun Java System Identity Manager 7.1