Oneidentity Cloud Access Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Oneidentity Cloud Access Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-13496 — CVSS 8.1 (high): One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity…
CVE-2019-13498 — CVSS 7.4 (high): One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Transport Security (HSTS), which may allow man-in-the-middle (MITM)…