IBM Security Access Manager 9.0.7.1

CPE Details

IBM Security Access Manager 9.0.7.1
ibm
security_access_manager
9.0.7.1
2020-10-27
10h37 +00:00
2020-10-27
10h37 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:ibm:security_access_manager:9.0.7.1:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

security_access_manager

Version

9.0.7.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2020-4499 2020-10-15 12h40 +00:00 IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.
9.8
Critique
CVE-2019-4552 2020-10-15 12h40 +00:00 IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information. IBM X-Force ID: 165960.
6.1
Moyen
CVE-2019-4036 2019-10-25 16h30 +00:00 IBM Security Access Manager Appliance could allow unauthenticated attacker to cause a denial of service in the reverse proxy component. IBM X-Force ID: 156159.
7.5
Haute