Page 3 of 31 results (0.013 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a security vulnerability that could allow authenticated users to impersonate other users. IBM X-Force ID: 158331. IBM Security Access Manager versión 9.0.1 hasta 9.0.6, es afectado por una vulnerabilidad de seguridad que podría permitir a usuarios autenticados hacerse pasar por otros usuarios. ID de IBM X-Force: 158331. • https://exchange.xforce.ibmcloud.com/vulnerabilities/158331 https://www.ibm.com/support/docview.wss?uid=ibm10888379 •

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144726. IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0 y 9.0.5.0 es vulnerable a Cross-Site Scripting (XSS). Esta vulnerabilidad permite que los usuarios embeban código JavaScript arbitrario en la interfaz de usuario web, lo que altera las funcionalidades previstas. • http://www.ibm.com/support/docview.wss?uid=ibm10787785 http://www.securityfocus.com/bid/106272 https://exchange.xforce.ibmcloud.com/vulnerabilities/144726 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 149702. IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0 y 9.0.5.0 podría permitir que un atacante remoto secuestre la acción de clicado de la víctima. Al persuadir a una víctima para que visite un sitio web malicioso, un atacante remoto podría explotar esta vulnerabilidad para secuestrar las acciones de clicado de la víctima y, probablemente, lanzar más ataques contra la víctima. • http://www.ibm.com/support/docview.wss?uid=ibm10787785 https://exchange.xforce.ibmcloud.com/vulnerabilities/149702 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 149704. IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0 y 9.0.5.0 genera un mensaje de error que incluye información sensible sobre su entorno, usuarios o datos asociados. IBM X-Force ID: 149704. • http://www.ibm.com/support/docview.wss?uid=ibm10787785 https://exchange.xforce.ibmcloud.com/vulnerabilities/149704 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 152021. IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0 y 9.0.5.0 divulga información sensible a usuarios no autorizados. Esta información puede emplearse para ejecutar más ataques en el sistema. • http://www.ibm.com/support/docview.wss?uid=ibm10787785 https://exchange.xforce.ibmcloud.com/vulnerabilities/152021 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •