Published: 25/11/2016 Updated: 28/11/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

IBM Security Access Manager for Mobile 8.x prior to 8.0.1.4 IF3 and Security Access Manager 9.x prior to 9.0.1.0 IF5 do not properly restrict failed login attempts, which makes it easier for remote malicious users to obtain access via a brute-force approach.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm security access manager for mobile 8.0.0.0
ibm security access manager for mobile 8.0.1.2
ibm security access manager for mobile 8.0.1.3
ibm security access manager for mobile 8.0.0.3
ibm security access manager for mobile 8.0.0.4
ibm security access manager 9.0.0.1
ibm security access manager 9.0.1.0
ibm security access manager for mobile 8.0.0.5
ibm security access manager for mobile 8.0.1
ibm security access manager for mobile 8.0.0.1
ibm security access manager for mobile 8.0.0.2
ibm security access manager for mobile 8.0.1.4
ibm security access manager 9.0.0

CWE-254 http://www-01.ibm.com/support/docview.wss?uid=swg1IV89258 http://www-01.ibm.com/support/docview.wss?uid=swg21991107 http://www-01.ibm.com/support/docview.wss?uid=swg1IV89240 http://www.securityfocus.com/bid/93178 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-3025

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect