IBM Security Access Manager Appliance has addressed the following vulnerability.
CVEID: CVE-2018-1722 DESCRIPTION: IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running.
CVSS Base Score: 10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/147370> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Affected IBM Security Access Manager Appliance
|
Affected Versions
—|—
IBM Security Access Manager | 9.0.4.0 - 9.0.5.0
Product | VRMF | APAR | Remediation |
---|---|---|---|
IBM Security Access Manager | 9.0.4.0 - | ||
9.0.5.0 | - |
1. For versions prior to 9.0.5.0, upgrade to 9.0.5.0:
2. Upgrade to 9.0.5.0 IF 1:
9.0.5.0-ISS-ISAM-IF0001
None.