← Back

Tivoli Federated Identity Manager

tivoli_federated_identity_manager

Vendor: Ibm • 22 CVEs

CVEs (22)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2009-5083
1Ibm
1Tivoli Federated Identity Manager
Apr 29, 2026
Aug 12, 2011
N/A· v4
N/A· v3
6.8 MEDIUM· v2
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which...Show more
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors.Show less
CVE-2008-7299
1Ibm
1Tivoli Federated Identity Manager
Apr 29, 2026
Aug 12, 2011
N/A· v4
N/A· v3
5.0 MEDIUM· v2
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field.