NotCVE - vendor:"Ibm" product:"Security Access Manager 9.0 Firmware" version:"9.0.3"

3 results (0.003 seconds)

CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-1478

https://notcve.org/view.php?id=CVE-2017-1478

11 Jan 2018 — IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613. La versión 9.0.0 de IBM Security Access Manager Appliance permite que las páginas web se almacenen localmente, lo que permite que sean leídas por otro usuario en el sistema. IBM X-Force ID: 128613. • http://www.ibm.com/support/docview.wss?uid=swg22012323 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.0EPSS: 5%CPEs: 1EXPL: 0

CVE-2017-1453

https://notcve.org/view.php?id=CVE-2017-1453

13 Nov 2017 — IBM Security Access Manager Appliance 9.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 128372. IBM Security Identity Manager Virtual Appliance en su versión 9.0.3 podría permitir que un atacante remoto autenticado ejecute comandos arbitrarios en el sistema. Mediante el envío de una petición especialmente manipulada, un... • http://www.ibm.com/support/docview.wss?uid=swg22009242 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-1477

https://notcve.org/view.php?id=CVE-2017-1477

13 Nov 2017 — IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 128612. La versión 9.0.3 de IBM Security Access Manager Appliance es vulnerable a un ataque de XML External Entity Injection (XXE) al procesar datos XML. Un atacante remoto podría explotar esta vulnerabilidad para exponer información sensible o consumi... • http://www.ibm.com/support/docview.wss?uid=swg22009240 • CWE-611: Improper Restriction of XML External Entity Reference •