Ibm Security Privileged Identity Manager
10 CVEs affecting Ibm Security Privileged Identity Manager. Latest disclosed: 2019-04-02. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-1640 | High | 8.8 | 2019-04-02 | IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By se… |
CVE-2018-1618 | High | 7.7 | 2019-04-02 | IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote attacker to traverse directories on the system. An attacker could send a… |
CVE-2018-1680 | Medium | 5.9 | 2019-04-02 | IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not require that users should have strong passwords by default, which makes it easier for… |
CVE-2016-5960 | Medium | 5.5 | 2017-06-07 | IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 1161… |
CVE-2016-5959 | Medium | 5.3 | 2017-06-07 | IBM Security Privileged Identity Manager 2.0.2 and 2.1.0 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorize… |
CVE-2018-1625 | Medium | 4.3 | 2019-04-02 | IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 generates an error message that includes sensitive information about its environment, users, o… |
CVE-2018-1622 | Medium | 4.3 | 2019-04-02 | IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious… |
CVE-2017-1705 | Medium | 4.3 | 2018-03-30 | IBM Security Privileged Identity Manager 2.1.0 contains left-over, sensitive information in page comments. While this information is not visible at first it ca… |
CVE-2018-1623 | Medium | 4.0 | 2019-04-02 | IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-F… |
CVE-2018-1626 | Low | 3.1 | 2019-04-02 | IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not renew a session variable after a successful authentication which could lead to sessio… |