CVE-2018-1443
- EPSS 0.06%
- Published 08.03.2018 16:29:00
- Last modified 21.11.2024 03:59:49
An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to ...
CVE-2017-1319
- EPSS 0.14%
- Published 08.06.2017 21:29:00
- Last modified 20.04.2025 01:37:25
IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in encrypted session (SSL) cookie. IBM X-Force ID: 125731.
CVE-2017-1320
- EPSS 0.26%
- Published 22.05.2017 20:29:00
- Last modified 20.04.2025 01:37:25
IBM Tivoli Federated Identity Manager 6.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure w...
CVE-2015-4959
- EPSS 0.27%
- Published 18.01.2016 05:59:01
- Last modified 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP16 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2015-1966
- EPSS 0.37%
- Published 04.07.2015 14:59:00
- Last modified 12.04.2025 10:46:40
Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before FP17, 6.2.1 before FP9, and 6.2.2 before FP15, as used in Security Access Manager for Mobile and other products, allow remote attackers t...
CVE-2014-3097
- EPSS 0.67%
- Published 02.10.2014 00:55:03
- Last modified 12.04.2025 10:46:40
Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0-TIV-TFIM-IF0015, 6.2.1 before 6.2.1-TIV-TFIM-IF0007, and 6.2.2 before 6.2.2-TIV-TFIM-IF0011 allows remote attackers to redirect users to arbitrary web site...
CVE-2013-5429
- EPSS 0.18%
- Published 21.01.2014 01:55:03
- Last modified 11.04.2025 00:51:21
The Risk Based Access functionality in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.2 before FP9 does not prevent reuse of One Time Password (OTP) tokens, which make...
CVE-2013-5431
- EPSS 0.51%
- Published 01.11.2013 02:55:04
- Last modified 11.04.2025 00:51:21
Open redirect vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.1.1 before IF 15, 6.2.0 before IF 14, 6.2.1, and 6.2.2 before IF 8 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.1.1 before IF 15, 6.2.0 before IF 14, 6...
CVE-2013-0582
- EPSS 0.26%
- Published 02.05.2013 18:55:05
- Last modified 11.04.2025 00:51:21
Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.12, 6.2.1 before 6.2.1.5, and 6.2.2 before 6.2.2.4 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.12 and 6...
CVE-2012-6359
- EPSS 0.52%
- Published 18.01.2013 21:55:00
- Last modified 11.04.2025 00:51:21
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.11, 6.2.1 before 6.2.1.3, and 6.2.2 before 6.2.2.2 d...