Ibm Security Access Manager For Mobile — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Access Manager For Mobile, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2016-3025 — CVSS 8.1 (high): IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict…
CVE-2017-1473 — CVSS 7.5 (high): IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms…
CVE-2016-5919 — CVSS 7.5 (high): IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker…
CVE-2014-6077 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for…
CVE-2014-6080 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0…
CVE-2017-1534 — CVSS 6.1 (medium): IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect…
CVE-2016-3018 — CVSS 6.1 (medium): IBM Security Access Manager for Web is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2017-1489 — CVSS 6.1 (medium): IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master…
CVE-2016-3043 — CVSS 5.9 (medium): IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable…
CVE-2017-1476 — CVSS 5.9 (medium): IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain…
CVE-2016-3020 — CVSS 5.5 (medium): IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by…
CVE-2015-5013 — CVSS 5.5 (medium): The IBM Security Access Manager appliance includes configuration files that contain obfuscated plaintext-passwords which authenticated…
CVE-2017-1474 — CVSS 5.3 (medium): IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 discloses sensitive information to…
CVE-2014-6086 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do…
CVE-2014-6087 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make…
CVE-2014-6088 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2014-6078 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do…
CVE-2014-6083 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2014-6084 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make…
CVE-2017-1480 — CVSS 4.3 (medium): IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log…
CVE-2014-6076 — CVSS 4.3 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2014-4751 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Mobile 8.0.0.0, 8.0.0.1, and 8.0.0.3 allows remote attackers to…
CVE-2017-1459 — CVSS 4.2 (medium): IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that…
CVE-2014-6089 — CVSS 4.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2014-6082 — CVSS 4.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2016-3045 — CVSS 3.7 (low): IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized…
CVE-2016-3046 — CVSS 2.7 (low): IBM Security Access Manager for Web is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements which…