Security Access Manager 9.0 Firmware Security Vulnerabilities and Issues — Security Access Manager 9.0 Firmware CVE List

Lucene search

IbmSecurity Access Manager 9.0 Firmware

3 matches found

CVE•added 2016/01/02 5:59 a.m.•39 views

CVE-2015-5018

IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.

8.5CVSS7.8AI score0.01336EPSS

CVE•added 2017/11/13 11:29 p.m.•39 views

CVE-2017-1477

IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 128612.

8.1CVSS7.8AI score0.00583EPSS

CVE•added 2017/02/01 8:59 p.m.•36 views

CVE-2016-3029

IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

8.8CVSS8.6AI score0.00159EPSS