Ibm Security Access Manager For Mobile 8.0 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Access Manager For Mobile 8.0 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2014-4823 — CVSS 10.0 (critical): The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and…
CVE-2016-2908 — CVSS 9.1 (critical): IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error…
CVE-2016-3029 — CVSS 8.8 (high): IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and…
CVE-2016-3017 — CVSS 7.5 (high): IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations.
CVE-2016-3027 — CVSS 6.5 (medium): IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when…
CVE-2016-3022 — CVSS 6.5 (medium): IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorrect file…
CVE-2016-3023 — CVSS 5.3 (medium): IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file…
CVE-2016-3016 — CVSS 4.4 (medium): IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin and…
CVE-2014-6079 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before…
CVE-2016-3024 — CVSS 4.0 (medium): IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.
CVE-2016-3021 — CVSS 2.7 (low): IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a…