Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveNVDCVE-2013-0555
HistoryJul 23, 2013 - 12:00 a.m.

CVE-2013-0555: IBM Security Access Manager for Enterprise Single Sign-On information disclosure

2013-07-2300:00:00
NVD
web.nvd.nist.gov
22
cve-2013-0555
ibm
security
access manager
enterprise
single sign-on
isam esso
information disclosure
code injection
data compromise
authentication
local exploit
data integrity
confidentiality

AI Score

6.8

Confidence

Low

JSON

The sync.exe process of IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) can be exploited by a local system administrative user through the use of code injection to compromise local data. The attack requires authentication as an Administrative user, can only be exploited locally, and some degree of specialized knowledge is required. An exploit would not impact the data integrity or the availability of the system, but the confidentiality of information could be compromised.

Related

ibm 1
ibm
ibm
Security Bulletin: IBM Security Access Manager for Enterprise Single Sign On (ISAM ESSO) Sync.exe code injection vulnerability (CVE-2013-0555)
2022-09-25 21:06:56

AI Score

6.8

Confidence

Low

JSON
Related for CVE-2013-0555
ibm1