Ibm Security Identity Manager Virtual Appliance
4 CVEs affecting Ibm Security Identity Manager Virtual Appliance. Latest disclosed: 2020-07-01. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-4676 | High | 7.8 | 2020-07-01 | IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171512. |
CVE-2019-4704 | Medium | 4.3 | 2020-07-01 | IBM Security Identity Manager Virtual Appliance 7.0.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to ge… |
CVE-2019-4706 | Low | 2.7 | 2020-07-01 | IBM Security Identity Manager Virtual Appliance 7.0.2 writes information to log files which can be of a sensitive nature and give valuable guidance to an attac… |
CVE-2019-4705 | Low | 2.7 | 2020-07-01 | IBM Security Identity Manager Virtual Appliance 7.0.2 discloses sensitive information to unauthorized users. The information can be used to mount further attac… |