Ibm Security_access_manager_for_mobile_8.0_firmware
11 CVEs affecting Ibm Security_access_manager_for_mobile_8.0_firmware. Latest disclosed: 2017-02-01. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2016-2908 | Critical | 9.1 | 2017-02-01 | IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML d… |
CVE-2016-3029 | High | 8.8 | 2017-02-01 | IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions tra… |
CVE-2016-3017 | High | 7.5 | 2017-02-01 | IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations. |
CVE-2016-3027 | Medium | 6.5 | 2017-02-01 | IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. A re… |
CVE-2016-3022 | Medium | 6.5 | 2017-02-01 | IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file permissions. |
CVE-2016-3023 | Medium | 5.3 | 2017-02-01 | IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names. |
CVE-2016-3016 | Medium | 4.4 | 2017-02-01 | IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, whi… |
CVE-2016-3024 | Medium | 4.0 | 2017-02-01 | IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system. |
CVE-2016-3021 | Low | 2.7 | 2017-02-01 | IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP req… |
CVE-2014-6079 | | 2014-10-03 | Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x befor… | |
CVE-2014-4823 | | 2014-10-03 | The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Mana… |