Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe

Filtered by product Security Access Manager 9.0 Firmware

Total 25 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-3019	1 Ibm	1 Security Access Manager 9.0 Firmware	2024-11-21	4.0 MEDIUM	6.5 MEDIUM
IBM Security Access Manager for Web 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 114462.
CVE-2016-3017	1 Ibm	6 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 3 more	2024-11-21	5.0 MEDIUM	7.5 HIGH
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations.
CVE-2016-3016	1 Ibm	6 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 3 more	2024-11-21	3.5 LOW	4.4 MEDIUM
IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code, which could allow an authenticated attacker to load malicious code.
CVE-2016-2908	1 Ibm	5 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile 8.0 Firmware, Security Access Manager For Mobile Appliance and 2 more	2024-11-21	6.4 MEDIUM	9.1 CRITICAL
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service.
CVE-2015-5013	1 Ibm	6 Security Access Manager 9.0, Security Access Manager 9.0 Firmware, Security Access Manager For Mobile and 3 more	2024-11-21	2.1 LOW	5.5 MEDIUM
The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated users can access.