IBM Security Access Manager for Web 7.x prior to 7.0.0.16 and 8.x prior to 8.0.1.3 mishandles WebSEAL HTTPTransformation requests, which allows remote malicious users to read or write to arbitrary files via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm security access manager for web 7.0.0.6 |
||
ibm security access manager for web 7.0.0.7 |
||
ibm security access manager for web 7.0.0.14 |
||
ibm security access manager for web 7.0.0.2 |
||
ibm security access manager for web 7.0.0.3 |
||
ibm security access manager for web 7.0.0.10 |
||
ibm security access manager for web 7.0.0.11 |
||
ibm security access manager for web 8.0.0.3 |
||
ibm security access manager for web 8.0.0.4 |
||
ibm security access manager for web 7.0.0.4 |
||
ibm security access manager for web 7.0.0.5 |
||
ibm security access manager for web 7.0.0.12 |
||
ibm security access manager for web 7.0.0.13 |
||
ibm security access manager for web 8.0.0.5 |
||
ibm security access manager for web 8.0.0.22 |
||
ibm security access manager for web 7.0.0.15 |
||
ibm security access manager for web 8.0.0.31 |
||
ibm security access manager for web 8.0.1.0 |
||
ibm security access manager for web 7.0.0.1 |
||
ibm security access manager for web 7.0.0.8 |
||
ibm security access manager for web 7.0.0.9 |
||
ibm security access manager for web 7.0 |
||
ibm security access manager for web 8.0 |
||
ibm security access manager for web 8.0.0.2 |
||
ibm security access manager for web 8.0.1.1 |
||
ibm security access manager for web 8.0.1.2 |