CPE Details
IBM Security Access Manager For Web 7.0 Firmware 7.0.0.18
7.0.0.18
2016-03-07
18h10 +00:00
18h10 +00:00
2021-06-09
14h56 +00:00
14h56 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:7.0.0.18:*:*:*:*:*:*:*
Informations
Vendor
ibmProduct
security_access_manager_for_web_7.0_firmwareVersion
7.0.0.18Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM Reference #: 1996868. | 7.5 |
High |
||
| IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to bypass validation and load a page with malicious content. | 5.5 |
Medium |
||
| IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. | 5.9 |
Medium |
||
| IBM Security Access Manager for Web 7.0 before 7.0.0 IF21, 8.0 before 8.0.1.3 IF4, and 9.0 before 9.0.0.1 IF1 does not have a lockout mechanism for invalid login attempts, which makes it easier for remote attackers to obtain access via a brute-force attack. | 7.5 |
High |
||
| The SSH implementation on IBM Security Access Manager for Web appliances 7.0 before 7.0.0 FP19, 8.0 before 8.0.1.3 IF3, and 9.0 before 9.0.0.0 IF1 does not properly restrict the set of MAC algorithms, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors. | 7.5 |
High |
2025©
tesweb SA
