CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-30999 – IBM Security Access Manager denial of service
https://notcve.org/view.php?id=CVE-2023-30999
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow an attacker to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 254651. IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 a 10.0.6.1 e IBM Security Verify Access Docker 10.0.0.0 a 10.0.6.1) podría permitir que un atacante provoque una denegación de servicio debido al consumo incontrolado de recursos. ID de IBM X-Force: 254651. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254651 https://www.ibm.com/support/pages/node/7106586 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31005 – IBM Security Access Manager Container privilege escalation
https://notcve.org/view.php?id=CVE-2023-31005
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.0.0 through 10.0.6.1) could allow a local user to escalate their privileges due to an improper security configuration. IBM X-Force ID: 254767. IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 a 10.0.6.1 e IBM Security Verify Access Docker 10.0.0.0 a 10.0.6.1) podría permitir a un usuario local escalar sus privilegios debido a una configuración de seguridad incorrecta. ID de IBM X-Force: 254767. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254767 https://www.ibm.com/support/pages/node/7106586 • CWE-269: Improper Privilege Management •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38267 – IBM Security Access Manager Appliance information disclosure
https://notcve.org/view.php?id=CVE-2023-38267
IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 260584. IBM Security Access Manager Appliance (IBM Security Verify Access Appliance 10.0.0.0 a 10.0.6.1 e IBM Security Verify Access Docker 10.0.6.1) podría permitir que un usuario local obtenga información de configuración confidencial. ID de IBM X-Force: 260584. • https://exchange.xforce.ibmcloud.com/vulnerabilities/260584 https://www.ibm.com/support/pages/node/7106586 • CWE-311: Missing Encryption of Sensitive Data •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31001 – IBM Security Access Manager Container information disclosure
https://notcve.org/view.php?id=CVE-2023-31001
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) temporarily stores sensitive information in files that could be accessed by a local user. IBM X-Force ID: 254653. IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 a 10.0.6.1 e IBM Security Verify Access Docker 10.0.6.1) almacena temporalmente información confidencial en archivos a los que un usuario local podría acceder. ID de IBM X-Force: 254653. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254653 https://www.ibm.com/support/pages/node/7106586 • CWE-257: Storing Passwords in a Recoverable Format •
CVSS: 8.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-31003 – IBM Security Access Manager Container privilege escalation
https://notcve.org/view.php?id=CVE-2023-31003
IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.6.1 and IBM Security Verify Access Docker 10.0.6.1) could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254658. IBM Security Access Manager Container (IBM Security Verify Access Appliance 10.0.0.0 a 10.0.6.1 e IBM Security Verify Access Docker 10.0.6.1) podría permitir que un usuario local obtenga acceso raíz debido a controles de acceso inadecuados. ID de IBM X-Force: 254658. • https://exchange.xforce.ibmcloud.com/vulnerabilities/254658 https://www.ibm.com/support/pages/node/7106586 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •