Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Security_access_manager_for_mobile_8\.0_firmware
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-02-01 | CVE-2016-2908 | IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service. | Security_access_manager_9\.0_firmware, Security_access_manager_for_mobile_8\.0_firmware, Security_access_manager_for_web_8\.0_firmware | 9.1 | ||
| 2014-10-02 | CVE-2014-6079 | Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | Security_access_manager_for_mobile_8\.0_firmware, Security_access_manager_for_mobile_appliance, Security_access_manager_for_web_7\.0_firmware, Security_access_manager_for_web_8\.0_firmware, Security_access_manager_for_web_appliance | N/A | ||
| 2014-10-02 | CVE-2014-4823 | The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors. | Security_access_manager_for_mobile_8\.0_firmware, Security_access_manager_for_mobile_appliance, Security_access_manager_for_web_7\.0_firmware, Security_access_manager_for_web_8\.0_firmware, Security_access_manager_for_web_appliance | N/A |