Ibm Security_access_manager
5 CVEs affecting Ibm Security_access_manager. Latest disclosed: 2017-08-29. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-3028 | Critical | 9.1 | 2016-11-25 | IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0.1.4 IF3 and Security Access Manager 9.0 before 9.0.1.0 IF5 allow remote authenticated use… |
CVE-2016-3025 | High | 8.1 | 2016-11-25 | IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict failed login attempts… |
CVE-2017-1489 | Medium | 6.1 | 2017-08-29 | IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redi… |
CVE-2016-3018 | Medium | 6.1 | 2017-02-01 | IBM Security Access Manager for Web is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thu… |
CVE-2016-3045 | Low | 3.7 | 2017-02-01 | IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access… |