Ibm Security Access Manager For Web — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Security Access Manager For Web, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2016-3028 — CVSS 9.1 (critical): IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0.1.4 IF3 and Security Access Manager 9.0 before 9.0.1.0 IF5 allow…
CVE-2013-6329 — CVSS 7.8 (high): IBM Global Security Kit (aka GSKit), as used in Content Manager OnDemand 8.5 and 9.0 and other products, allows remote attackers to cause a…
CVE-2015-4963 — CVSS 7.5 (high): IBM Security Access Manager for Web 7.x before 7.0.0.16 and 8.x before 8.0.1.3 mishandles WebSEAL HTTPTransformation requests, which allows…
CVE-2014-6077 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for…
CVE-2014-6080 — CVSS 6.5 (medium): SQL injection vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0…
CVE-2017-1489 — CVSS 6.1 (medium): IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master…
CVE-2016-3018 — CVSS 6.1 (medium): IBM Security Access Manager for Web is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript…
CVE-2017-1476 — CVSS 5.9 (medium): IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain…
CVE-2017-1474 — CVSS 5.3 (medium): IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 discloses sensitive information to…
CVE-2014-6087 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make…
CVE-2014-6088 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2014-6084 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make…
CVE-2014-6086 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do…
CVE-2014-6078 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do…
CVE-2014-6083 — CVSS 5.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2014-6076 — CVSS 4.3 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2017-1480 — CVSS 4.3 (medium): IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log…
CVE-2014-6082 — CVSS 4.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2014-6089 — CVSS 4.0 (medium): IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1…
CVE-2016-3045 — CVSS 3.7 (low): IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized…