Vulnerabilities (CVE)

Vendor filter

Ibm Subscribe

Product filter

Security Access Manager For Enterprise Single Sign-on Subscribe

Filter

5 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-4513 1 Ibm 1 Security Access Manager For Enterprise Single Sign-on 2019-10-09 6.4
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume...
CVE-2017-1732 1 Ibm 1 Security Access Manager For Enterprise Single Sign-on 2019-10-09 5.0
IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this...
CVE-2013-6745 1 Ibm 1 Security Access Manager For Enterprise Single Sign-on 2017-08-29 3.5
Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to inject arbitrary web script or HTML via crafted input to an...
CVE-2013-5421 1 Ibm 1 Security Access Manager For Enterprise Single Sign-on 2017-08-29 4.3
Cross-site scripting (XSS) vulnerability in the IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote attackers to inject arbitrary web script or HTML via crafted input to an...
CVE-2013-5420 1 Ibm 1 Security Access Manager For Enterprise Single Sign-on 2017-08-29 3.5
The IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to read log files by leveraging helpdesk privileges for a direct request.