Ibm

Security Identity Manager Adapter

9 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2021-20494

  • EPSS 0.28%
  • Veröffentlicht 28.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:40

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap based buffer overflow, caused by improper bounds. An authenticared user could overflow the buffer and cause the service to crash. IBM X-Force ID: 197882.

6.5

CVE-2021-20572

  • EPSS 0.66%
  • Veröffentlicht 28.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:47

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199247.

6.5

CVE-2021-20573

  • EPSS 0.66%
  • Veröffentlicht 28.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:47

IBM Security Identity Manager Adapters 6.0 and 7.0 are vulnerable to a heap-based buffer overflow, caused by improper bounds checking. A remote authenticated attacker could overflow the and cause the server to crash. IBM X-Force ID: 199249.

8.8

CVE-2021-20574

  • EPSS 1.3%
  • Veröffentlicht 28.06.2021 16:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:47

IBM Security Identity Manager Adapters 6.0 and 7.0 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and takeover other accounts. IBM X-Force I...

4.3

CVE-2016-0357

  • EPSS 0.21%
  • Veröffentlicht 15.07.2016 18:59:06
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows remote attackers to conduct clickjacking attacks via a crafted web site.

7.4

CVE-2016-0340

  • EPSS 0.2%
  • Veröffentlicht 15.07.2016 18:59:05
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session expiration, which allows remote attackers to hijack sessions by leveraging an unattended workstation.

5.6

CVE-2016-0339

  • EPSS 0.23%
  • Veröffentlicht 15.07.2016 18:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles session identifiers after logout, which makes it easier for remote attackers to spoof users by leveraging knowledge of "traffic reco...

6.2

CVE-2016-0338

  • EPSS 0.05%
  • Veröffentlicht 15.07.2016 18:59:03
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 allows local users to discover cleartext passwords by (1) reading a configuration file or (2) examining a process.

7.3

CVE-2016-0330

  • EPSS 0.21%
  • Veröffentlicht 15.07.2016 18:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.1 before 7.0.1-ISS-SIM-FP0003 mishandles password creation, which makes it easier for remote attackers to obtain access by leveraging an attack against the password algorith...