Ibm

Security Access Manager

48 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2024-35139

  • EPSS 0.01%
  • Veröffentlicht 28.06.2024 16:15:04
  • Zuletzt bearbeitet 21.11.2024 09:19:49

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: 292415.

6.2

CVE-2024-35137

  • EPSS 0.02%
  • Veröffentlicht 28.06.2024 16:15:04
  • Zuletzt bearbeitet 21.11.2024 09:19:49

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 292413.

6.5

CVE-2023-38370

  • EPSS 0.03%
  • Veröffentlicht 27.06.2024 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:13:26

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could allow a user on the network to install malicious packages. IBM X-Force ID: 261197.

5.5

CVE-2023-38368

  • EPSS 0.01%
  • Veröffentlicht 27.06.2024 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:13:25

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls. IBM X-Force ID: 261195.

7.8

CVE-2023-30998

  • EPSS 0.03%
  • Veröffentlicht 27.06.2024 19:15:11
  • Zuletzt bearbeitet 21.11.2024 08:01:12

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254649.

7.8

CVE-2023-30997

  • EPSS 0.03%
  • Veröffentlicht 27.06.2024 19:15:10
  • Zuletzt bearbeitet 21.11.2024 08:01:12

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254638.

7.5

CVE-2023-38371

  • EPSS 0.04%
  • Veröffentlicht 27.06.2024 18:15:12
  • Zuletzt bearbeitet 21.11.2024 08:13:26

IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198.

7.5

CVE-2021-20439

  • EPSS 0.21%
  • Veröffentlicht 15.07.2021 16:15:09
  • Zuletzt bearbeitet 21.11.2024 05:46:35

IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.

9.8

CVE-2020-4499

  • EPSS 0.38%
  • Veröffentlicht 15.10.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 05:32:49

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.

6.1

CVE-2019-4552

  • EPSS 0.15%
  • Veröffentlicht 15.10.2020 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:43:43

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, ...