Security Access Manager For Web Appliance

security_access_manager_for_web_appliance

Vendor: Ibm • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-1489 1Ibm 6Security Access Manager Security Access Manager For MobileSecurity Access Manager For Web+3 more May 13, 2026 Aug 29, 2017 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain....Show more IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.Show less
CVE-2014-6079 1Ibm 5Security Access Manager For Mobile 8.0 Firmware Security Access Manager For Mobile ApplianceSecurity Access Manager For Web 7.0 Firmware+2 more May 6, 2026 Oct 3, 2014 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobil...Show more Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject arbitrary web script or HTML via a crafted URL.Show less
CVE-2014-4823 1Ibm 5Security Access Manager For Mobile 8.0 Firmware Security Access Manager For Mobile ApplianceSecurity Access Manager For Web 7.0 Firmware+2 more May 6, 2026 Oct 3, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remot...Show more The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors.Show less
CVE-2014-4809 1Ibm 3Security Access Manager For Web 7.0 Firmware Security Access Manager For Web 8.0 FirmwareSecurity Access Manager For Web Appliance May 6, 2026 Oct 3, 2014 N/A· v4 N/A· v3 7.1 HIGH· v2 The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (com...Show more The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors.Show less
CVE-2014-3073 1Ibm 4Security Access Manager For Mobile Appliance Security Access Manager For Mobile SoftwareSecurity Access Manager For Web Appliance+1 more May 6, 2026 Jun 21, 2014 N/A· v4 N/A· v3 10.0 HIGH· v2 Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2014-3053 1Ibm 5Security Access Manager For Mobile Appliance Security Access Manager For Mobile SoftwareSecurity Access Manager For Web 8.0 Firmware+2 more May 6, 2026 Jun 21, 2014 N/A· v4 N/A· v3 8.0 HIGH· v2 The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allo...Show more The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.Show less
CVE-2014-3052 1Ibm 2Security Access Manager For Web 8.0 Firmware Security Access Manager For Web Appliance May 6, 2026 Jun 21, 2014 N/A· v4 N/A· v3 3.3 LOW· v2 The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for...Show more The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance.Show less
CVE-2014-0963 1Ibm 2Security Access Manager For Web Appliance Security Access Manager For Web Software May 6, 2026 May 8, 2014 N/A· v4 N/A· v3 7.1 HIGH· v2 The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a deni...Show more The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.Show less