21 results (0.007 seconds)

CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ForgeRock Access Management allows Authorization Bypass. This issue affects access management: before 7.3.0, before 7.2.1, before 7.1.4, through 7.0.2. La limitación inadecuada de una vulnerabilidad de nombre de ruta a un directorio restringido ("Path Traversal") en ForgeRock Access Management permite eludir la autorización. Este problema afecta la gestión de acceso: antes de 7.3.0, antes de 7.2.1, antes de 7.1.4, hasta 7.0.2. • https://backstage.forgerock.com/downloads/browse/am/featured https://backstage.forgerock.com/knowledge/kb/article/a64088600 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Improper Authorization vulnerability in ForgeRock Inc. Access Management allows Authentication Bypass. This issue affects Access Management: from 6.5.0 through 7.2.0. • https://backstage.forgerock.com/downloads/browse/am/all/productId:am https://backstage.forgerock.com/knowledge/kb/article/a34332318 https://backstage.forgerock.com/knowledge/kb/article/a92134872 • CWE-285: Improper Authorization •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Cleartext Transmission of Sensitive Information vulnerability in ForgeRock Inc. OpenIDM and Java Remote Connector Server (RCS) LDAP Connector on Windows, MacOS, Linux allows Remote Services with Stolen Credentials.This issue affects OpenIDM and Java Remote Connector Server (RCS): from 1.5.20.9 through 1.5.20.13. • https://backstage.forgerock.com/downloads/browse/idm/all/productId:idm-connectors/subProductId:ldap/minorVersion:1.5/version:1.5.20.14 https://backstage.forgerock.com/knowledge/kb/article/a14149722 • CWE-319: Cleartext Transmission of Sensitive Information •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows Authentication Bypass. This issue affects Access Management Java Policy Agent: all versions up to 5.10.1 • https://backstage.forgerock.com/downloads/browse/am/featured/java-agents https://backstage.forgerock.com/knowledge/kb/article/a21576868 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1 • https://backstage.forgerock.com/downloads/browse/am/featured/web-agents https://backstage.forgerock.com/knowledge/kb/article/a21576868 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-23: Relative Path Traversal •