← Back

CVE-2017-1459

nvd nist
Published: Jan 10, 2018Modified: Nov 21, 2024

JSON object

Loading...
4.2
Vector
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Exploitability: 1.6 / Impact: 2.5
Source: NVD

Description

IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378.

Affected (3)

Ibm
3 products
Security Access Manager For Web 8.0 Firmware
Security Access Manager For Mobile
Security Access Manager 9.0 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Security Access Manager For Web 8.0 Firmware
All versions
Running on/withPlatform Versions
Ibm
Security Access Manager For Web Appliance
Version 8.0
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Security Access Manager For Mobile
All versions
Running on/withPlatform Versions
Ibm
Security Access Manager For Mobile Appliance
Version 8.0
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Security Access Manager 9.0 Firmware
All versions

Related CWEs

CWE-732
Incorrect Permission Assignment for Critical Resource
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

References (6)

Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Third Party AdvisoryVDB Entry
Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory

Timeline

No history available yet.