All the vulnerabilites related to ibm - security_access_manager_for_web_software
cve-2014-3053
Vulnerability from cvelistv5
Published
2014-06-21 15:00
Modified
2024-08-06 10:28
Severity ?
EPSS score ?
Summary
The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/93501 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/59381 | third-party-advisory, x_refsource_SECUNIA | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557 | vendor-advisory, x_refsource_AIXAPAR | |
| http://secunia.com/advisories/59438 | third-party-advisory, x_refsource_SECUNIA | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21676700 | x_refsource_CONFIRM | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21676389 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/68132 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.457Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-isam-cve20143053-credentials(93501)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
},
{
"name": "59381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59381"
},
{
"name": "IV61557",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"name": "59438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"name": "68132",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68132"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-isam-cve20143053-credentials(93501)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
},
{
"name": "59381",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59381"
},
{
"name": "IV61557",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"name": "59438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"name": "68132",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68132"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-isam-cve20143053-credentials(93501)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
},
{
"name": "59381",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59381"
},
{
"name": "IV61557",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"name": "59438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59438"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"name": "68132",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68132"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3053",
"datePublished": "2014-06-21T15:00:00",
"dateReserved": "2014-04-29T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.457Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-1489
Vulnerability from cvelistv5
Published
2017-08-28 20:00
Modified
2024-09-16 23:31
Severity ?
EPSS score ?
Summary
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/128687 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/100592 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039227 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ibm.com/support/docview.wss?uid=swg22006959 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | IBM | Security Access Manager for Web |
Version: 6.1 Version: 6.1.1 Version: 7.0 Version: 8.0 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.0.1 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 8.0.1.4 Version: 8.0.1.5 Version: 9.0.2 Version: 9.0.2.1 Version: 9.0.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
},
{
"name": "100592",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100592"
},
{
"name": "1039227",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039227"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Security Access Manager for Web",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "8.0.1.5"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.2.1"
},
{
"status": "affected",
"version": "9.0.3"
}
]
}
],
"datePublic": "2017-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-05T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
},
{
"name": "100592",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100592"
},
{
"name": "1039227",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039227"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-23T00:00:00",
"ID": "CVE-2017-1489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Access Manager for Web",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.1.1"
},
{
"version_value": "7.0"
},
{
"version_value": "8.0"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "8.0.1.5"
},
{
"version_value": "9.0.2"
},
{
"version_value": "9.0.2.1"
},
{
"version_value": "9.0.3"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
},
{
"name": "100592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100592"
},
{
"name": "1039227",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039227"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006959",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1489",
"datePublished": "2017-08-28T20:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T23:31:41.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-3073
Vulnerability from cvelistv5
Published
2014-06-21 15:00
Modified
2024-08-06 10:35
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/68137 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/93790 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/59438 | third-party-advisory, x_refsource_SECUNIA | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21676699 | x_refsource_CONFIRM | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563 | vendor-advisory, x_refsource_AIXAPAR |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.869Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68137",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/68137"
},
{
"name": "ibm-isam-cve20143073-code-exec(93790)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93790"
},
{
"name": "59438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59438"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676699"
},
{
"name": "IV61563",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "68137",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/68137"
},
{
"name": "ibm-isam-cve20143073-code-exec(93790)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93790"
},
{
"name": "59438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59438"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676699"
},
{
"name": "IV61563",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3073",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68137",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/68137"
},
{
"name": "ibm-isam-cve20143073-code-exec(93790)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93790"
},
{
"name": "59438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59438"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676699",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676699"
},
{
"name": "IV61563",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3073",
"datePublished": "2014-06-21T15:00:00",
"dateReserved": "2014-04-29T00:00:00",
"dateUpdated": "2024-08-06T10:35:55.869Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0963
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 09:34
Severity ?
EPSS score ?
Summary
The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/59249 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/92844 | vdb-entry, x_refsource_XF | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21676092 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/58845 | third-party-advisory, x_refsource_SECUNIA | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660 | vendor-advisory, x_refsource_AIXAPAR | |
| http://secunia.com/advisories/59245 | third-party-advisory, x_refsource_SECUNIA | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21672192 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1030707 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ibm.com/support/docview.wss?uid=swg21675496 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/67238 | vdb-entry, x_refsource_BID | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21676091 | x_refsource_CONFIRM | |
| http://www-304.ibm.com/support/docview.wss?uid=swg21680803 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:34:39.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "59249",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59249"
},
{
"name": "ibm-gskit-cve20140963-dos(92844)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92844"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"name": "58845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58845"
},
{
"name": "IV59660",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660"
},
{
"name": "59245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/59245"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672192"
},
{
"name": "1030707",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030707"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675496"
},
{
"name": "67238",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67238"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21680803"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "59249",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59249"
},
{
"name": "ibm-gskit-cve20140963-dos(92844)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92844"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"name": "58845",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58845"
},
{
"name": "IV59660",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660"
},
{
"name": "59245",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/59245"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672192"
},
{
"name": "1030707",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030707"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675496"
},
{
"name": "67238",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67238"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21680803"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-0963",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "59249",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59249"
},
{
"name": "ibm-gskit-cve20140963-dos(92844)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92844"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"name": "58845",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58845"
},
{
"name": "IV59660",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660"
},
{
"name": "59245",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/59245"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672192",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672192"
},
{
"name": "1030707",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030707"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21675496",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675496"
},
{
"name": "67238",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67238"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091"
},
{
"name": "http://www-304.ibm.com/support/docview.wss?uid=swg21680803",
"refsource": "CONFIRM",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21680803"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-0963",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-01-06T00:00:00",
"dateUpdated": "2024-08-06T09:34:39.675Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2014-06-21 15:55
Modified
2024-11-21 02:07
Severity ?
Summary
The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "97E19969-DD73-42F2-9E91-504E1663B268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F9CC2E05-5179-4241-A710-E582510EEB0D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "673DB620-B3D4-431D-A8F8-0EA4F53EC3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BACDCBD6-EEF3-4259-9866-A89105AA4C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97CBEC75-1164-4E25-8D32-DBA39C6E8A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials."
},
{
"lang": "es",
"value": "Local Management Interface (LMI) en IBM Security Access Manager (ISAM) for Mobile 8.0 con firmware 8.0.0.0 hasta 8.0.0.3 y IBM Security Access Manager for Web 7.0 y 8.0 con firmware 8.0.0.2 y 8.0.0.3, permite a atacantes remotos evadir autenticaci\u00f3n a trav\u00e9s de una acci\u00f3n de inicio de sesi\u00f3n con credenciales inv\u00e1lidas."
}
],
"id": "CVE-2014-3053",
"lastModified": "2024-11-21T02:07:22.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 8.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:L/Au:N/C:C/I:P/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 9.5,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-21T15:55:03.870",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/59381"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/59438"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/68132"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676389"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68132"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93501"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-29 01:35
Modified
2024-11-21 03:21
Severity ?
Summary
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22006959 | Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/100592 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | http://www.securitytracker.com/id/1039227 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/128687 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22006959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100592 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039227 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/128687 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CAE25B3-55F6-4D93-9110-26323F5D6CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB8C962-AAEA-4005-BC6B-7768310295E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86E64D67-84B1-4B22-B68C-AAFA68149206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B0FD7F-8007-41F8-A0B3-0C11B9F6D2BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C7255EFB-AE47-45E9-853E-5242D350A04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "26F1E4CC-0FE8-4D18-9507-74131B8F21E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "624215F6-12DE-42B5-98AE-29F30C759690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B57D6417-ECB7-4A02-8C01-6E85087AD073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92FF03BE-E1FC-491A-BBA5-0C67B9EC0F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9EFD7C-D827-4079-BBA5-38601F1DA571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C54E2A37-F451-4109-A367-A35D38D8E44C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24BBDD80-3EBA-4F5E-89BC-4107431B813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2826D12C-893B-4045-98C0-60FDBB5EC252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1678A4B5-E2BB-41A2-9238-D0D34B189D1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B4412073-8390-46B3-94A6-20D7B8075838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0E0AE0FD-6595-4132-8715-D2B859B04EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "4256CF5F-8B99-4C5D-B67B-840DE56412EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA0D2F3-31B5-4AF8-B6E0-6795A240F094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "37632E93-91AA-47A6-9EF7-EB5A6FC4B843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "937C104A-74B7-4FC4-B436-42C14C4E4339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E4449E78-A1A2-423C-A9A4-5AB8ED7B1D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "32B351D1-5DB8-4C6D-8CA8-C22E6DE66D21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8671CD-4FEA-4408-B594-ED8B7BD8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB5C09B-0681-42A1-AF82-15E91CD94787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "1083BB5E-C153-46D1-8FEE-63AEB52B5546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59231981-02BF-4998-A86F-BFF6B4B79CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E912624A-33B5-4AF5-96DB-292C14B0A37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "DB434802-50F4-4FCB-B674-C92FC5046140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A0553613-6429-4202-B9F1-CB2F58412D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "EC68FC7C-F67D-44C7-AAA7-ECD2DB27C286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7D529E-724A-4AC6-91AA-9C771C980471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "12664D6B-1DF6-455E-99CB-08AF7A3C926E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBFAE1-351E-4E9F-877E-E9BBB50FCFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE91D383-8FCF-4352-9DE4-306F99171785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "318A64DE-04E9-4A55-85D7-1079EECD7175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8961882B-0715-4B61-8343-9225BDDBC9E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "699C6485-0FA4-47EE-9081-0332D0B1F8AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6165F468-26EE-4AA7-B806-007F78AFD754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "25C01EE0-7BE2-420C-B538-A15589D9A019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFB52D6-9F29-49C1-83CC-CE662253488B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B247D8-4BEC-41BC-822E-5C31A8AECCAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8A32A31D-266C-47D9-B11D-3C2DAEF6A025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D32BB3A-3404-4B3B-AEBF-BF40B0CDC426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2958706F-D4E1-41C0-A341-2E045A110E68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E149CF2-75F4-43E8-9B1C-657D95403AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FE300627-1032-405E-96CC-B8CDF03C2326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "745799EB-8664-40D6-907B-9B8F640860E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "097C64C6-9C0E-463A-8EEB-2906D9131887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF8D79D-0859-4943-A3A9-0C2F4183A9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8F491FA5-27ED-454B-850E-76DF60960D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "24610D16-7235-4EE2-AF20-AAAFCDF749D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4406DA-9DC1-4F76-9D2B-BE5BD8FB31F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7E8F5B-743B-4778-B096-1A2F950A31BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "3930684E-FA31-42CB-8750-097ABEBE643B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "7B733C54-4DDA-4491-A6A0-F07D7D879900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "3F34676D-8537-4C7A-9C25-EF6973C0AD81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "1A8CB2D8-D1EC-429B-8C8B-48AF082C5FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C3B0FF96-BF36-40A7-99B5-9904785D4A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E08CB452-3475-4143-AD28-550E130A33B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.27:*:*:*:*:*:*:*",
"matchCriteriaId": "4D86E921-FF6A-4045-B853-0D6F86BF2475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "B582DA4C-9457-4EDD-A47B-66DB213198AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.29:*:*:*:*:*:*:*",
"matchCriteriaId": "575D7BEE-0DB2-435D-844E-387590EF087A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9BAD4E-9F38-4AB7-A566-834A97CD1A86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BACDCBD6-EEF3-4259-9866-A89105AA4C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "536755AC-3FA7-4FA4-8CA3-0E1D4CB0FB43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68DB06C6-84B3-4DC6-AEE9-9DA49715A3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B894B409-DC42-4FA4-8864-387635B55F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B52B9A91-EDAF-43CC-A271-02ADCD691875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F740591-A399-49AC-911B-9ADD117B5BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EB9A2D-0ABF-46C3-A742-959CC39070DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4B832D0A-923B-4F4B-9F81-BA1BA2E7A920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4EA2E35-08D1-4A2F-8941-0C87DF1BFC2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A953FA93-A982-4104-8D6A-685E53613691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BE0028F4-5A36-4597-9830-46CFE5CF2EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FE607CA8-FB8A-4373-A345-822D5ABEA408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB32198-9382-43CC-9079-08D2162B4C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4336D4DD-5DE4-441E-B852-A2E1409953CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "FDCBBC83-DCE2-4522-9808-8EFA63485388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "66159D17-FAB8-408A-90FA-62E9F840B568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "0D79656C-0F25-4647-BE54-AAF0336C7BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "940F82D3-5809-42DC-92B5-F699C34F6996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6994DE96-2967-4C7C-A896-B68E064C41C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "55734E7A-D2CA-490F-8BAC-F47CE1A2F3FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E9047D70-83D3-4D45-8A16-4299A0D06D17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "65F66744-ABFA-4EB1-ACFB-FF88E0F20BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "33C28A38-46FA-4878-9F03-D9ACB510ED88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2EC653-CE7B-45A2-AB9F-F760646A4682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF01E4-FBF5-4AF5-A6E8-BECF6052F72F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0E063D-2C5E-4619-9176-9D28716BEDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "CC30B443-ACDB-4D10-88F2-07DAF8684C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E843FD37-844C-4359-9465-30C95B5F0831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE19EBF-68CA-4075-9A6D-B3DB7FF5DB6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "D424803C-85C3-4860-B842-93B98554070D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "DC489116-D486-4388-8E93-E6E98EA81868",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53A3B2B3-52B4-4086-9092-364649265F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E24ACD0C-D825-4B2B-9483-66F0B815CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD382BC-2AA1-448E-BC8E-CAB2408995BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23A074B8-A709-44F1-9CB9-7BF2590989C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3F73936C-442D-4857-99B3-605E55D82833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "54243412-CB97-4752-A31A-3CB6A757E495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BD9CF344-C187-4D60-8C90-2FB459883D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "97AF8910-3F9A-407F-9834-B57D5807693D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB1BA86-C809-414E-8F58-2B6101518FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1634D4-28AB-4F12-B5FB-D32742F5836B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA35BD4-8738-47D3-A8F0-F9ABE4AEB985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "344FE134-DE7B-4925-875E-097DD0AB9AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "674FFA61-8F2A-43FB-BF51-68700698703C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "332D3784-C24E-45A7-880B-0C4A32687B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CF0738FC-EAC8-45C4-ADA9-06DBE3D9EADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "837D32E7-CFB7-462B-8479-E9811C149775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BE362F-72B3-481A-ABF4-4A36F4535F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C73DE810-1D11-4480-AF62-DC37F22DCC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "31D161F8-D61A-40DF-AA14-5256DD394082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "154B6E05-54C8-4271-A904-21CA6A2E6F6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6389F03A-3547-44B1-9603-947735FC31B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E2735E77-B9ED-4608-AFA5-969E039C82F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "0C58102A-8817-4656-AB85-07D60CB2D10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "461046D0-29C2-4152-B4D2-C60E9A04EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "99EB7777-7CA5-41CB-98BC-AFC254E02C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "0CFFABA7-86BD-4201-89F9-0F61E673DB90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "F472F171-9FF2-4C44-AF5B-9CBA19E62A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "5675CDEE-09CB-49D9-8C71-0CD71238129F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "69978C3B-708B-4CDC-8FA0-65A98F2223E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "74CAA03E-DE79-4527-918D-EA219DC2DA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB312B8-7B65-4CE9-B399-2896450B5647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A4AD958-FDB2-4F63-AD4F-C88B33BFA692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "397073E9-9696-4B4C-926D-668EA4A52E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "643E7B97-17AB-4209-804E-79E94F3D671F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F807870-4976-43E1-89BE-F08DEEE109CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2B3E49D-08E6-44CF-B034-D155247B5DB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F50A5E-111B-4CF6-A531-FE88E7735140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D54372BE-6201-48AB-A720-F29E931E52B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "BCCE958E-6DFA-403E-B251-F5BA7825A546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA2F71C-E15F-4729-A0D9-C8C116819546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39017599-E63F-4101-8D37-62D9B0CE6917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB037932-234B-41AD-8119-D964796ADDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA1DA71-91C8-4989-98B9-E924ED7B272A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F884817-A712-4A89-B199-2E2483CD8363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "52F627D1-6FB4-47A2-817D-F9EC914DAC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6C428319-FFE3-4365-ABFE-1E6D1CABC0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79613B00-9B72-43BB-A42A-3BB191021ED7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1B0C02-D5D9-4F10-9120-C76D39D5C323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44310E32-EA05-420B-8676-4E6EEAFB6631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B93CED0-E8FA-4238-8963-46074D11A334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "907BB0CF-D270-4493-8D61-9841E6C5FE45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E0801BD2-D95B-4703-9804-A555F9E7BA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "525EF7EC-712E-4C84-A15C-B2A30BD11A01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE90667-0C16-4E4B-98DC-A6AD7A073D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "049DD26B-9CF5-4E0C-812E-76A1224A15FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "909073A4-C6D5-47D7-911F-C855DB693EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A523C406-D64C-4CE6-8CBE-34D4C060E0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "707F0FE4-EC91-44FF-AA21-1E2A99AC5C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D646B2-7308-43A0-AE76-873946FB024E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B1988E5-DFE6-4282-B9D3-6655297B481B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4BEF4063-73D7-416D-AD21-CDC1C0534677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A8DFC0D0-2326-40CA-B4CC-65194566DA98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A180463-EDE0-47DB-A031-979E73AA2A33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF57E01-A333-49D7-8B25-D65B66410DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B67748-2677-44E7-B43D-857EBCA926C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEE420D-4686-4C58-B77A-2E509983F4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C9CD3B-A25E-4DD1-9955-39E6E1EB4DC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA399A01-351E-4587-9B0B-804452F09832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC682158-A8A0-4D2D-9ACD-ADF4093B7ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.3.0:if1:*:*:*:*:*:*",
"matchCriteriaId": "A483F61A-0DAC-43DB-B69B-37A6207C1CF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
},
{
"lang": "es",
"value": "Las configuraciones e-community de IBM Security Access Manager 6.1, 7.0, 8.0, y 9.0 podr\u00edan estar afectadas por una vulnerabilidad de redirecci\u00f3n. ECSSO Master Authentication puede redireccionar a un servidor que no participa en un dominio e-community. IBM X-Force ID: 128687."
}
],
"id": "CVE-2017-1489",
"lastModified": "2024-11-21T03:21:57.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-29T01:35:13.517",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100592"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039227"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-06-21 15:55
Modified
2024-11-21 02:07
Severity ?
Summary
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "673DB620-B3D4-431D-A8F8-0EA4F53EC3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BACDCBD6-EEF3-4259-9866-A89105AA4C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97CBEC75-1164-4E25-8D32-DBA39C6E8A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "506C4B29-BC71-4C56-BAB1-06E63BEB1DD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Security Access Manager (ISAM) for Mobile 8.0 y IBM Security Access Manager for Web 7.0 y 8.0 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2014-3073",
"lastModified": "2024-11-21T02:07:24.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-21T15:55:03.930",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/59438"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676699"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/68137"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59438"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676699"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/68137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93790"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2024-11-21 02:03
Severity ?
Summary
The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | security_access_manager_for_web_software | 7.0 | |
| ibm | security_access_manager_for_web_software | 8.0 | |
| ibm | security_access_manager_for_web_appliance | 7.0 | |
| ibm | security_access_manager_for_web_appliance | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BACDCBD6-EEF3-4259-9866-A89105AA4C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "97CBEC75-1164-4E25-8D32-DBA39C6E8A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1C5EBB4D-36F8-453C-9D2C-A63490144596",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages."
},
{
"lang": "es",
"value": "La funcionalidad Reverse Proxy en IBM Global Security Kit (tambi\u00e9n conocido como GSKit) en IBM Security Access Manager (ISAM) para Web 7.0 anterior a 7.0.0-ISS-SAM-IF0006 y 8.0 anterior a 8.0.0.3-ISS-WGA-IF0002 permite a atacantes remotos causar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de mensajes SSL manipulados."
}
],
"evaluatorImpact": "Per: http://www-01.ibm.com/support/docview.wss?uid=swg21672192\n\n\"Affected Products and Versions\n\nAll versions of IBM Security Access Manager for Web, both software and appliance: 7.0, 8.0\"",
"id": "CVE-2014-0963",
"lastModified": "2024-11-21T02:03:07.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:03.560",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/58845"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/59245"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/59249"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672192"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21680803"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675496"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/67238"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1030707"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/58845"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/59249"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676091"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-304.ibm.com/support/docview.wss?uid=swg21680803"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21675496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/67238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1030707"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/92844"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}