Filtered by vendor Ibm Subscriptions
Filtered by product Security Access Manager 9.0 Firmware Subscriptions

Search

Switch to Advanced Search (Beta)
Total 25 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2015-8531 1 Ibm 2 Security Access Manager 9.0 Firmware, Security Access Manager For Web 8.0 Firmware 2025-04-12 N/A
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2015-5010 1 Ibm 3 Security Access Manager 9.0 Firmware, Security Access Manager For Web 7.0 Firmware, Security Access Manager For Web 8.0 Firmware 2025-04-12 N/A
IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack.
CVE-2017-1533 1 Ibm 1 Security Access Manager 9.0 Firmware 2024-11-21 N/A
IBM Security Access Manager Appliance 9.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130675.
CVE-2017-1478 1 Ibm 2 Security Access Manager, Security Access Manager 9.0 Firmware 2024-11-21 N/A
IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613.
CVE-2017-1459 1 Ibm 5 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile, Security Access Manager For Mobile Appliance and 2 more 2024-11-21 N/A
IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378.