← Back

CVE-2017-1489

nvd nist
Published: Aug 29, 2017Modified: May 13, 2026

JSON object

Loading...
6.1
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD

Description

IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.

Affected (164)

Ibm
6 products
Tivoli Access Manager For E Business
Security Access Manager For Web Software
Security Access Manager For Web Appliance
Security Access Manager For Web
Security Access Manager For Mobile
Security Access Manager
Configuration A
32 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Tivoli Access Manager For E Business
Version 6.1.0.10
Tivoli Access Manager For E Business
Version 6.1.0.11
Tivoli Access Manager For E Business
Version 6.1.0.12
Tivoli Access Manager For E Business
Version 6.1.0.13
Tivoli Access Manager For E Business
Version 6.1.0.14
Tivoli Access Manager For E Business
Version 6.1.0.15
Tivoli Access Manager For E Business
Version 6.1.0.16
Tivoli Access Manager For E Business
Version 6.1.0.17
Tivoli Access Manager For E Business
Version 6.1.0.18
Tivoli Access Manager For E Business
Version 6.1.0.19
Tivoli Access Manager For E Business
Version 6.1.0.1
Tivoli Access Manager For E Business
Version 6.1.0.20
Tivoli Access Manager For E Business
Version 6.1.0.21
Tivoli Access Manager For E Business
Version 6.1.0.22
Tivoli Access Manager For E Business
Version 6.1.0.23
Tivoli Access Manager For E Business
Version 6.1.0.24
Tivoli Access Manager For E Business
Version 6.1.0.25
Tivoli Access Manager For E Business
Version 6.1.0.26
Tivoli Access Manager For E Business
Version 6.1.0.27
Tivoli Access Manager For E Business
Version 6.1.0.28
Tivoli Access Manager For E Business
Version 6.1.0.29
Tivoli Access Manager For E Business
Version 6.1.0.2
Tivoli Access Manager For E Business
Version 6.1.0.30
Tivoli Access Manager For E Business
Version 6.1.0.31
Tivoli Access Manager For E Business
Version 6.1.0.3
Tivoli Access Manager For E Business
Version 6.1.0.4
Tivoli Access Manager For E Business
Version 6.1.0.5
Tivoli Access Manager For E Business
Version 6.1.0.6
Tivoli Access Manager For E Business
Version 6.1.0.7
Tivoli Access Manager For E Business
Version 6.1.0.8
Tivoli Access Manager For E Business
Version 6.1.0.9
Tivoli Access Manager For E Business
Version 6.1.0
Configuration B
31 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Tivoli Access Manager For E Business
Version 6.1.1.10
Tivoli Access Manager For E Business
Version 6.1.1.11
Tivoli Access Manager For E Business
Version 6.1.1.12
Tivoli Access Manager For E Business
Version 6.1.1.13
Tivoli Access Manager For E Business
Version 6.1.1.14
Tivoli Access Manager For E Business
Version 6.1.1.15
Tivoli Access Manager For E Business
Version 6.1.1.16
Tivoli Access Manager For E Business
Version 6.1.1.17
Tivoli Access Manager For E Business
Version 6.1.1.18
Tivoli Access Manager For E Business
Version 6.1.1.19
Tivoli Access Manager For E Business
Version 6.1.1.1
Tivoli Access Manager For E Business
Version 6.1.1.20
Tivoli Access Manager For E Business
Version 6.1.1.21
Tivoli Access Manager For E Business
Version 6.1.1.22
Tivoli Access Manager For E Business
Version 6.1.1.23
Tivoli Access Manager For E Business
Version 6.1.1.24
Tivoli Access Manager For E Business
Version 6.1.1.25
Tivoli Access Manager For E Business
Version 6.1.1.26
Tivoli Access Manager For E Business
Version 6.1.1.27
Tivoli Access Manager For E Business
Version 6.1.1.28
Tivoli Access Manager For E Business
Version 6.1.1.29
Tivoli Access Manager For E Business
Version 6.1.1.2
Tivoli Access Manager For E Business
Version 6.1.1.30
Tivoli Access Manager For E Business
Version 6.1.1.3
Tivoli Access Manager For E Business
Version 6.1.1.4
Tivoli Access Manager For E Business
Version 6.1.1.5
Tivoli Access Manager For E Business
Version 6.1.1.6
Tivoli Access Manager For E Business
Version 6.1.1.7
Tivoli Access Manager For E Business
Version 6.1.1.8
Tivoli Access Manager For E Business
Version 6.1.1.9
Tivoli Access Manager For E Business
Version 6.1.1
Configuration C
31 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Security Access Manager For Web Software
Version 7.0.0.10
Security Access Manager For Web Software
Version 7.0.0.11
Security Access Manager For Web Software
Version 7.0.0.12
Security Access Manager For Web Software
Version 7.0.0.13
Security Access Manager For Web Software
Version 7.0.0.14
Security Access Manager For Web Software
Version 7.0.0.15
Security Access Manager For Web Software
Version 7.0.0.16
Security Access Manager For Web Software
Version 7.0.0.17
Security Access Manager For Web Software
Version 7.0.0.18
Security Access Manager For Web Software
Version 7.0.0.19
Security Access Manager For Web Software
Version 7.0.0.1
Security Access Manager For Web Software
Version 7.0.0.20
Security Access Manager For Web Software
Version 7.0.0.21
Security Access Manager For Web Software
Version 7.0.0.22
Security Access Manager For Web Software
Version 7.0.0.23
Security Access Manager For Web Software
Version 7.0.0.24
Security Access Manager For Web Software
Version 7.0.0.25
Security Access Manager For Web Software
Version 7.0.0.26
Security Access Manager For Web Software
Version 7.0.0.27
Security Access Manager For Web Software
Version 7.0.0.28
Security Access Manager For Web Software
Version 7.0.0.29
Security Access Manager For Web Software
Version 7.0.0.2
Security Access Manager For Web Software
Version 7.0.0.30
Security Access Manager For Web Software
Version 7.0.0.3
Security Access Manager For Web Software
Version 7.0.0.4
Security Access Manager For Web Software
Version 7.0.0.5
Security Access Manager For Web Software
Version 7.0.0.6
Security Access Manager For Web Software
Version 7.0.0.7
Security Access Manager For Web Software
Version 7.0.0.8
Security Access Manager For Web Software
Version 7.0.0.9
Security Access Manager For Web Software
Version 7.0
Configuration D
31 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Security Access Manager For Web Appliance
Version 7.0.0.10
Security Access Manager For Web Appliance
Version 7.0.0.11
Security Access Manager For Web Appliance
Version 7.0.0.12
Security Access Manager For Web Appliance
Version 7.0.0.13
Security Access Manager For Web Appliance
Version 7.0.0.14
Security Access Manager For Web Appliance
Version 7.0.0.15
Security Access Manager For Web Appliance
Version 7.0.0.16
Security Access Manager For Web Appliance
Version 7.0.0.17
Security Access Manager For Web Appliance
Version 7.0.0.18
Security Access Manager For Web Appliance
Version 7.0.0.19
Security Access Manager For Web Appliance
Version 7.0.0.1
Security Access Manager For Web Appliance
Version 7.0.0.20
Security Access Manager For Web Appliance
Version 7.0.0.21
Security Access Manager For Web Appliance
Version 7.0.0.22
Security Access Manager For Web Appliance
Version 7.0.0.23
Security Access Manager For Web Appliance
Version 7.0.0.24
Security Access Manager For Web Appliance
Version 7.0.0.25
Security Access Manager For Web Appliance
Version 7.0.0.26
Security Access Manager For Web Appliance
Version 7.0.0.27
Security Access Manager For Web Appliance
Version 7.0.0.28
Security Access Manager For Web Appliance
Version 7.0.0.29
Security Access Manager For Web Appliance
Version 7.0.0.2
Security Access Manager For Web Appliance
Version 7.0.0.30
Security Access Manager For Web Appliance
Version 7.0.0.3
Security Access Manager For Web Appliance
Version 7.0.0.4
Security Access Manager For Web Appliance
Version 7.0.0.5
Security Access Manager For Web Appliance
Version 7.0.0.6
Security Access Manager For Web Appliance
Version 7.0.0.7
Security Access Manager For Web Appliance
Version 7.0.0.8
Security Access Manager For Web Appliance
Version 7.0.0.9
Security Access Manager For Web Appliance
Version 7.0
Configuration E
16 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Security Access Manager For Web
Version 8.0.0.0
Security Access Manager For Web
Version 8.0.0.1
Security Access Manager For Web
Version 8.0.0.22
Security Access Manager For Web
Version 8.0.0.2
Security Access Manager For Web
Version 8.0.0.31
Security Access Manager For Web
Version 8.0.0.3
Security Access Manager For Web
Version 8.0.0.4
Security Access Manager For Web
Version 8.0.0.5
Security Access Manager For Web
Version 8.0.1.0
Security Access Manager For Web
Version 8.0.1.1
Security Access Manager For Web
Version 8.0.1.2
Security Access Manager For Web
Version 8.0.1.3
Security Access Manager For Web
Version 8.0.1.4
Security Access Manager For Web
Version 8.0.1.5
Security Access Manager For Web
Version 8.0.1.6
Security Access Manager For Web
Version 8.0
Configuration F
16 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Security Access Manager For Mobile
Version 8.0.0.0
Security Access Manager For Mobile
Version 8.0.0.1
Security Access Manager For Mobile
Version 8.0.0.22
Security Access Manager For Mobile
Version 8.0.0.2
Security Access Manager For Mobile
Version 8.0.0.31
Security Access Manager For Mobile
Version 8.0.0.3
Security Access Manager For Mobile
Version 8.0.0.4
Security Access Manager For Mobile
Version 8.0.0.5
Security Access Manager For Mobile
Version 8.0.1.0
Security Access Manager For Mobile
Version 8.0.1.1
Security Access Manager For Mobile
Version 8.0.1.2
Security Access Manager For Mobile
Version 8.0.1.3
Security Access Manager For Mobile
Version 8.0.1.4
Security Access Manager For Mobile
Version 8.0.1.5
Security Access Manager For Mobile
Version 8.0.1.6
Security Access Manager For Mobile
Version 8.0
Configuration G
7 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Security Access Manager
Version 9.0.0.0
Security Access Manager
Version 9.0.0.1
Security Access Manager
Version 9.0.1.0
Security Access Manager
Version 9.0.2.0
Security Access Manager
Version 9.0.2.1
Security Access Manager
Version 9.0.3.0
Security Access Manager
Version 9.0.3.0 if1

Related CWEs

CWE-601
URL Redirection to Untrusted Site ('Open Redirect')
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.

References (8)

Source: psirt@us.ibm.com
Vendor Advisory
Source: psirt@us.ibm.com
Third Party AdvisoryVDB Entry
Source: psirt@us.ibm.com
Third Party AdvisoryVDB Entry
Source: psirt@us.ibm.com
VDB EntryVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
VDB EntryVendor Advisory

Timeline

No history available yet.