Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe

Filtered by product Security Access Manager 9.0 Firmware

Total 25 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2015-5018	1 Ibm	3 Security Access Manager 9.0 Firmware, Security Access Manager For Web 7.0 Firmware, Security Access Manager For Web 8.0 Firmware	2025-04-12	8.5 HIGH	8.0 HIGH
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security Access Manager 9.0 before 9.0.0.0 IF1, allows remote authenticated users to execute arbitrary OS commands by leveraging Local Management Interface (LMI) access.
CVE-2015-8531	1 Ibm	2 Security Access Manager 9.0 Firmware, Security Access Manager For Web 8.0 Firmware	2025-04-12	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in IBM Security Access Manager for Web 8.0 before 8.0.1.3 IF4 and 9.0 before 9.0.0.1 IF1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
CVE-2017-1533	1 Ibm	1 Security Access Manager 9.0 Firmware	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
IBM Security Access Manager Appliance 9.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 130675.
CVE-2017-1478	1 Ibm	2 Security Access Manager, Security Access Manager 9.0 Firmware	2024-11-21	2.1 LOW	3.3 LOW
IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128613.
CVE-2017-1459	1 Ibm	5 Security Access Manager 9.0 Firmware, Security Access Manager For Mobile, Security Access Manager For Mobile Appliance and 2 more	2024-11-21	4.9 MEDIUM	4.2 MEDIUM
IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378.