8 matches found
Security Bulletin: IBM Security Access Manager has fixed a vulnerability in the log4j library shipped with the product. (CVE-2021-4104)
Summary The IBM Security Access Manager version 9.0 ships with a version of log4j that is vulnerable to CVE-2021-4104. The log4j library is no longer used by the IBM Security Access Manager product and a Fixpack has been provided to remove the unused library. Vulnerability Details CVEID:...
Security Bulletin: Security Vulnerabilities in IBM WebSphere Liberty fixed in IBM Security Access Manager Appliance
Summary A Security Vulnerability in IBM WebSphere Liberty has been fixed in the IBM Security Access Manager Appliance Vulnerability Details CVEID: CVE-2019-4441 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could allow a remote attacker to obtain sensitive...
Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Access Manager Appliance
Summary Multiple Security vulnerabilities have been fixed in the 9.0.7 IBM Security Access Manager ISAM appliance. Vulnerability Details CVEID: CVE-2018-0732 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by the sending of a very large prime value to the client by a malicious...
Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance
Summary IBM Security Access Manager Appliance has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2018-10915 DESCRIPTION: PostgreSQL could allow a remote attacker to bypass security restrictions, caused by an issue with improperly resting internal state in between...
Security Bulletin: IBM Security Access Manager appliances are affected by kernel vulnerabilities (CVE-2017-1000364, CVE-2016-10208)
Summary IBM Security Access Manager has addressed the following vulnerabilities, which affect the IBM Security Access Manager appliances. Vulnerability Details CVEID: CVE-2017-1000364 DESCRIPTION: Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a a...
Security Bulletin: IBM Security Access Manager Appliance is affected by a potential information exposure vulnerability (CVE-2017-1480)
Summary IBM Security Access Manager Appliance has addressed the following information exposure vulnerability. Vulnerability Details CVEID: CVE-2017-1480 DESCRIPTION: IBM Security Access Manager Appliance stores potentially sensitive information in log files that could be read by a remote user. CV...
CVE-2017-1476
IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive...
CVE-2017-1478
IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613...