Security Identity Manager@7.0.0.0 Security Vulnerabilities and Issues — Security Identity Manager@7.0.0.0 CVE List

Lucene search

IbmSecurity Identity Manager7.0.0.0

4 matches found

CVE•added 2017/09/28 1:29 a.m.•58 views

CVE-2017-1483

IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 128621.

8.6CVSS8.3AI score0.00523EPSS

CVE•added 2017/09/28 1:29 a.m.•43 views

CVE-2017-1407

IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 1273...

9CVSS8.2AI score0.03897EPSS

CVE•added 2017/02/01 10:59 p.m.•36 views

CVE-2016-9739

IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which can be read by a local user.

7.8CVSS7.7AI score0.00055EPSS

CVE•added 2017/09/18 3:29 p.m.•34 views

CVE-2014-6106

Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via unknown vectors.

8.8CVSS8.5AI score0.00109EPSS