5 matches found
Soffid IAM console arbitrary code execution vulnerability
Soffid IAM console is a distributed Identity Manager console program that supports SQL-based and file-based authentication for both web and natively-based applications. A security vulnerability exists in Soffid IAM console version 1.7.4 and earlier. A remote attacker can exploit the vulnerability...
CVE-2017-9363
Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request...
CVE-2017-9363
Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request...
Cross site request forgery (csrf)
Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request...
CVE-2017-9363
Untrusted Java serialization in Soffid IAM console before 1.7.5 allows remote attackers to achieve arbitrary remote code execution via a crafted authentication request...