Ibm

Tivoli Federated Identity Manager

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2018-1443

  • EPSS 0.06%
  • Veröffentlicht 08.03.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:49

An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to ...

7.5

CVE-2017-1319

  • EPSS 0.14%
  • Veröffentlicht 08.06.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in encrypted session (SSL) cookie. IBM X-Force ID: 125731.

5.4

CVE-2017-1320

  • EPSS 0.26%
  • Veröffentlicht 22.05.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure w...

6.1

CVE-2015-4959

  • EPSS 0.27%
  • Veröffentlicht 18.01.2016 05:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP16 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

4.3

CVE-2015-1966

  • EPSS 0.37%
  • Veröffentlicht 04.07.2015 14:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers t...

4.3

CVE-2014-3097

  • EPSS 0.67%
  • Veröffentlicht 02.10.2014 00:55:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0-TIV-TFIM-IF0015, 6.2.1 before 6.2.1-TIV-TFIM-IF0007, and 6.2.2 before 6.2.2-TIV-TFIM-IF0011 allows remote attackers to redirect users to arbitrary web site...

2.1

CVE-2013-5429

  • EPSS 0.18%
  • Veröffentlicht 21.01.2014 01:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent reuse of One Time Password (OTP) tokens, which make...

5.8

CVE-2013-5431

  • EPSS 0.51%
  • Veröffentlicht 01.11.2013 02:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6...

4.3

CVE-2013-0582

  • EPSS 0.26%
  • Veröffentlicht 02.05.2013 18:55:05
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.12, 6.2.1 before 6.2.1.5, and 6.2.2 before 6.2.2.4 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.12 and 6...

4.3

CVE-2012-6359

  • EPSS 0.52%
  • Veröffentlicht 18.01.2013 21:55:00
  • Zuletzt bearbeitet 11.04.2025 00:51:21

IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 d...