Security Access Manager 9.0 Firmware Security Vulnerabilities and Issues — Security Access Manager 9.0 Firmware CVE List

Lucene search

IbmSecurity Access Manager 9.0 Firmware

6 matches found

CVE•added 2017/02/01 8:59 p.m.•42 views

CVE-2016-3016

IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code.

4.4CVSS4.5AI score0.00084EPSS

CVE•added 2017/06/07 5:29 p.m.•37 views

CVE-2016-3051

IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. IBM X-Force ID: 114714.

4.3CVSS4.3AI score0.00243EPSS

CVE•added 2017/02/01 8:59 p.m.•36 views

CVE-2016-3021

IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request.

4CVSS3.4AI score0.00073EPSS

CVE•added 2018/01/10 5:29 p.m.•36 views

CVE-2017-1459

IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378.

4.9CVSS4.1AI score0.00102EPSS

CVE•added 2017/02/01 8:59 p.m.•35 views

CVE-2016-3024

IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.

4CVSS4AI score0.00051EPSS

CVE•added 2017/02/01 8:59 p.m.•35 views

CVE-2016-3046

IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which could allow the attacker to view information in the back-end database.

4CVSS4.4AI score0.00115EPSS