IBM Security Access Manager appliances could allow an authenticated user to access some privileged functionality of the server.
CVEID: CVE-2016-3051**
DESCRIPTION:** IBM Security Access Manager for Web could allow an authenticated user to access some privileged functionality of the server.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/114714> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)
IBM Security Access Manager 9.0 appliances, all firmware versions.
Product
| VRMF|APAR|Remediation
—|—|—|—
IBM Security Access Manager| 9.0 - 9.0.2.0| IV92175 | Upgrade to 9.0.3.0:
IBM Security Access Manager V9.0.3 Multiplatform, Multilingual (CRW4EML)
None.