Page 5 of 32 results (0.008 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 150018. IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0 y 9.0.5.0 emplea algoritmos criptográficos más débiles de lo esperado que podrían permitir que un atacante descifre información altamente sensible. IBM X-Force ID: 150018. • http://www.ibm.com/support/docview.wss?uid=ibm10787785 https://exchange.xforce.ibmcloud.com/vulnerabilities/150018 • CWE-326: Inadequate Encryption Strength •

CVSS: 8.8EPSS: 0%CPEs: 3EXPL: 0

IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998. IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 y 9.0.5.0 podría permitir operaciones de administración no autorizadas cuando se está ejecutando el servicio Advanced Access Control. IBM X-Force ID: 150998. • http://www.ibm.com/support/docview.wss?uid=ibm10734555 http://www.securitytracker.com/id/1042036 https://exchange.xforce.ibmcloud.com/vulnerabilities/150998 •

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370. IBM Security Access Manager Appliance 9.0.4.0 y 9.0.5.0 podría permitir la ejecución remota de código cuando se están ejecutando los servicios Advanced Access Control o Federation. IBM X-Force ID: 147370. • http://www.securityfocus.com/bid/105145 http://www.securitytracker.com/id/1041557 https://exchange.xforce.ibmcloud.com/vulnerabilities/147370 https://www.ibm.com/support/docview.wss?uid=ibm10719623 •

CVSS: 5.9EPSS: 0%CPEs: 4EXPL: 0

IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 128610. IBM InfoSphere Information Server 7.0.0, desde la versión 8.0.0 hasta la 8.0.1.6 y desde la 9.0.0 hasta la 9.0.3.1 podría permitir que un atacante remoto obtenga información sensible, provocado por la imposibilidad de habilitar correctamente HTTP Strict Transport Security. Un atacante podría explotar esta vulnerabilidad para obtener información sensible empleando técnicas man-in-the-Middle (MitM). • http://www.ibm.com/support/docview.wss?uid=swg22012310 http://www.securityfocus.com/bid/104501 https://exchange.xforce.ibmcloud.com/vulnerabilities/128610 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617. IBM Security Access Manager Appliance desde la versión 8.0.0 hasta la 8.0.1.6 y desde la 9.0.0 hasta la 9.0.3.1 almacena información potencialmente sensible en archivos de registro que podrían ser leídos por un usuario remoto. IBM X-Force ID: 128617. • http://www.ibm.com/support/docview.wss?uid=swg22012309 http://www.securityfocus.com/bid/104471 https://exchange.xforce.ibmcloud.com/vulnerabilities/128617 • CWE-532: Insertion of Sensitive Information into Log File •