Page 2 of 9 results (0.004 seconds)

CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0

Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors. Vulnerabilidad no especificada en Sun Java System Identity Manager (también conocido como IdM) v8.1.0.5 y v8.1.0.6, cuando se usa con Sun Java System Access Manager, OpenSSO Enterprise v8.0 o IBM Tivoli Access Manager, permite a atacantes remotos obtener acceso como administrador a través de vectores desconocidos. • http://osvdb.org/61658 http://secunia.com/advisories/38130 http://securitytracker.com/id?1023447 http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1 http://www.securityfocus.com/bid/37755 http://www.vupen.com/english/advisories/2010/0108 https://exchange.xforce.ibmcloud.com/vulnerabilities/55572 •

CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 0

webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan. webseald en WebSEAL 6.0.0.17 en IBM Tivoli Access Manager para e-busines permite a atacantes remotos provocar una denegación de servicio (caida o cuelgue) mediante peticiones HTTP, como lo demuestró una búsqueda de vulnerabilidades de McAfee. • http://secunia.com/advisories/32755 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270 http://www.securityfocus.com/bid/32461 https://exchange.xforce.ibmcloud.com/vulnerabilities/46821 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 3

Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter. • https://www.exploit-db.com/exploits/27163 http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html http://secunia.com/advisories/18725 http://securityreason.com/securityalert/412 http://securitytracker.com/id?1015582 http://www-1.ibm.com/support/docview.wss?uid=swg24011562 http://www.securityfocus.com/archive/1/423946/100/0/threaded http://www.securityfocus.com/bid/16494 http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt http://www.vupe •

CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0

Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack." • http://secunia.com/advisories/11761 http://www-1.ibm.com/support/docview.wss?uid=swg21168762 http://www.securityfocus.com/bid/10449 https://exchange.xforce.ibmcloud.com/vulnerabilities/16315 •