Lucene search
K
IbmSecurity Identity Manager Adapter

9 matches found

CVE
CVE
added 2016/07/15 6:0 p.m.53 views

CVE-2016-0340

CVE-2016-0340 affects IBM Security Identity Manager (ISIM) Virtual Appliance versions 7.0.0.0–7.0.1.1 prior to FP0003. Root cause: mishandled session expiration allows a remote attacker to hijack a session by leveraging an unattended workstation. Impact: remote session hijacking with attacker-con...

7.4CVSS8.2AI score0.00549EPSS
CVE
CVE
added 2016/07/15 6:0 p.m.45 views

CVE-2016-0339

The issue CVE-2016-0339 affects IBM Security Identity Manager (ISIM) Virtual Appliance versions 7.0.0.0–7.0.1.1, where logout handling mishandles session identifiers, enabling a remote attacker to spoof a user by leveraging knowledge of traffic records. Root cause: improper session identifier man...

5.6CVSS7AI score0.01294EPSS
CVE
CVE
added 2021/06/28 4:10 p.m.45 views

CVE-2021-20573

The CVE-2021-20573 entry applies to IBM Security Identity Manager Adapters 6.0 and 7.0, which are vulnerable to a heap-based buffer overflow caused by improper bounds checking. A remote authenticated attacker could overflow the buffer and crash the server. The linked IBM bulletin confirms affecte...

6.5CVSS6.3AI score0.01498EPSS
CVE
CVE
added 2016/07/15 6:0 p.m.44 views

CVE-2016-0330

CVE-2016-0330 affects IBM Security Identity Manager Virtual Appliance. The issue is a weak password algorithm used during password creation in ISIM VA versions 7.0.0.0–7.0.1.1 prior to FP0003, which could allow remote attackers to gain access by exploiting the password mechanism. The published re...

7.3CVSS8.1AI score0.01225EPSS
CVE
CVE
added 2021/06/28 4:10 p.m.43 views

CVE-2021-20494

CVE-2021-20494 affects IBM Security Identity Manager Adapters 6.0 and 7.0. It is a heap-based buffer overflow caused by improper bounds checking, allowing an authenticated user to overflow a buffer and crash the service. CVSS (3.1) base score 6.5 (Network, Low/Low/High impact on availability). Re...

6.5CVSS6.5AI score0.01132EPSS
CVE
CVE
added 2021/06/28 4:10 p.m.43 views

CVE-2021-20574

CVE-2021-20574 affects IBM Security Identity Manager Adapters (versions 6.0 and 7.0). A remote authenticated attacker can exploit an LDAP injection via a specially crafted request, possibly taking over other accounts. The related IBM security bulletin notes remediation via updated plug-ins, inclu...

8.8CVSS8.2AI score0.01722EPSS
CVE
CVE
added 2021/06/28 4:10 p.m.42 views

CVE-2021-20572

IBM Security Identity Manager Adapters (versions 6.0 and 7.0) are vulnerable to a stack-based buffer overflow caused by improper bounds checking. A remote authenticated attacker could overflow the buffer and crash the server. Connected IBM bulletin details also reference LDAP/injection possibilit...

6.5CVSS6.3AI score0.01498EPSS
CVE
CVE
added 2016/07/15 6:0 p.m.39 views

CVE-2016-0357

CVE-2016-0357 affects IBM Security Identity Manager Virtual Appliance 7.0.0.0–7.0.1.1 (before FP0003). A remote attacker can hijack the user’s clicking action via a crafted website (clickjacking). The advisory lists remediation by upgrading to IBM Security Identity Manager (ISIM) Virtual Applianc...

4.3CVSS5.2AI score0.01348EPSS
CVE
CVE
added 2016/07/15 6:0 p.m.35 views

CVE-2016-0338

CVE-2016-0338 affects IBM Security Identity Manager Virtual Appliance 7.0.0.0–7.0.1.1 (before 7.0.1-ISS-SIM-FP0003). The issue allows local attackers to disclose cleartext passwords by reading a configuration file or by examining running processes. This disclosure constitutes information exposure...

6.2CVSS7.2AI score0.00355EPSS