Vulnerabilites related to ibm - tivoli_access_manager_for_e-business
cve-2004-2558
Vulnerability from cvelistv5
Published
2005-11-21 11:00
Modified
2024-08-08 01:29
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/10449 | vdb-entry, x_refsource_BID | |
| http://www-1.ibm.com/support/docview.wss?uid=swg21168762 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/11761 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16315 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:29:13.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "10449",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10449"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
},
{
"name": "11761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11761"
},
{
"name": "ibm-cookie-session-hijack(16315)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-05-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka \"Potential Credential Impersonation Attack.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "10449",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10449"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
},
{
"name": "11761",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11761"
},
{
"name": "ibm-cookie-session-hijack(16315)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka \"Potential Credential Impersonation Attack.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "10449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10449"
},
{
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762",
"refsource": "CONFIRM",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
},
{
"name": "11761",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11761"
},
{
"name": "ibm-cookie-session-hijack(16315)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2558",
"datePublished": "2005-11-21T11:00:00",
"dateReserved": "2005-11-21T00:00:00",
"dateUpdated": "2024-08-08T01:29:13.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-5257
Vulnerability from cvelistv5
Published
2008-11-27 00:00
Modified
2024-08-07 10:49
Severity ?
EPSS score ?
Summary
webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/32755 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/46821 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/32461 | vdb-entry, x_refsource_BID | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611 | vendor-advisory, x_refsource_AIXAPAR | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270 | vendor-advisory, x_refsource_AIXAPAR |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:49:11.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "32755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32755"
},
{
"name": "tivoli-ebusiness-webseal-dos(46821)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
},
{
"name": "32461",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32461"
},
{
"name": "IZ28611",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
},
{
"name": "IZ37270",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "32755",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32755"
},
{
"name": "tivoli-ebusiness-webseal-dos(46821)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
},
{
"name": "32461",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32461"
},
{
"name": "IZ28611",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
},
{
"name": "IZ37270",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "32755",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32755"
},
{
"name": "tivoli-ebusiness-webseal-dos(46821)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
},
{
"name": "32461",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32461"
},
{
"name": "IZ28611",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
},
{
"name": "IZ37270",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5257",
"datePublished": "2008-11-27T00:00:00",
"dateReserved": "2008-11-26T00:00:00",
"dateUpdated": "2024-08-07T10:49:11.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0513
Vulnerability from cvelistv5
Published
2006-02-06 23:00
Modified
2024-08-07 16:41
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html | mailing-list, x_refsource_FULLDISC | |
| http://www-1.ibm.com/support/docview.wss?uid=swg24011562 | vendor-advisory, x_refsource_AIXAPAR | |
| http://www.vupen.com/english/advisories/2006/0442 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015582 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/24485 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/423946/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/412 | third-party-advisory, x_refsource_SREASON | |
| http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt | x_refsource_MISC | |
| http://secunia.com/advisories/18725 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/16494 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:27.677Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
},
{
"name": "IY79724",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
},
{
"name": "ADV-2006-0442",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0442"
},
{
"name": "1015582",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015582"
},
{
"name": "tivoli-pkmslogout-directory-traversal(24485)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
},
{
"name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
},
{
"name": "412",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/412"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
},
{
"name": "18725",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18725"
},
{
"name": "16494",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16494"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
},
{
"name": "IY79724",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
},
{
"name": "ADV-2006-0442",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0442"
},
{
"name": "1015582",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015582"
},
{
"name": "tivoli-pkmslogout-directory-traversal(24485)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
},
{
"name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
},
{
"name": "412",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/412"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
},
{
"name": "18725",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18725"
},
{
"name": "16494",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16494"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0513",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
},
{
"name": "IY79724",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
},
{
"name": "ADV-2006-0442",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0442"
},
{
"name": "1015582",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015582"
},
{
"name": "tivoli-pkmslogout-directory-traversal(24485)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
},
{
"name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
},
{
"name": "412",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/412"
},
{
"name": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt",
"refsource": "MISC",
"url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
},
{
"name": "18725",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18725"
},
{
"name": "16494",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16494"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0513",
"datePublished": "2006-02-06T23:00:00",
"dateReserved": "2006-02-02T00:00:00",
"dateUpdated": "2024-08-07T16:41:27.677Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-1489
Vulnerability from cvelistv5
Published
2017-08-28 20:00
Modified
2024-09-16 23:31
Severity ?
EPSS score ?
Summary
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/128687 | x_refsource_MISC | |
| http://www.securityfocus.com/bid/100592 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039227 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ibm.com/support/docview.wss?uid=swg22006959 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | IBM | Security Access Manager for Web |
Version: 6.1 Version: 6.1.1 Version: 7.0 Version: 8.0 Version: 8.0.0.2 Version: 8.0.0.3 Version: 8.0.0.4 Version: 8.0.0.5 Version: 8.0.0.1 Version: 8.0.1 Version: 8.0.1.2 Version: 8.0.1.3 Version: 9.0 Version: 9.0.0.1 Version: 9.0.1 Version: 8.0.1.4 Version: 8.0.1.5 Version: 9.0.2 Version: 9.0.2.1 Version: 9.0.3 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:32:29.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
},
{
"name": "100592",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100592"
},
{
"name": "1039227",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039227"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Security Access Manager for Web",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.1.1"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "8.0"
},
{
"status": "affected",
"version": "8.0.0.2"
},
{
"status": "affected",
"version": "8.0.0.3"
},
{
"status": "affected",
"version": "8.0.0.4"
},
{
"status": "affected",
"version": "8.0.0.5"
},
{
"status": "affected",
"version": "8.0.0.1"
},
{
"status": "affected",
"version": "8.0.1"
},
{
"status": "affected",
"version": "8.0.1.2"
},
{
"status": "affected",
"version": "8.0.1.3"
},
{
"status": "affected",
"version": "9.0"
},
{
"status": "affected",
"version": "9.0.0.1"
},
{
"status": "affected",
"version": "9.0.1"
},
{
"status": "affected",
"version": "8.0.1.4"
},
{
"status": "affected",
"version": "8.0.1.5"
},
{
"status": "affected",
"version": "9.0.2"
},
{
"status": "affected",
"version": "9.0.2.1"
},
{
"status": "affected",
"version": "9.0.3"
}
]
}
],
"datePublic": "2017-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-05T09:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
},
{
"name": "100592",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100592"
},
{
"name": "1039227",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039227"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2017-08-23T00:00:00",
"ID": "CVE-2017-1489",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Access Manager for Web",
"version": {
"version_data": [
{
"version_value": "6.1"
},
{
"version_value": "6.1.1"
},
{
"version_value": "7.0"
},
{
"version_value": "8.0"
},
{
"version_value": "8.0.0.2"
},
{
"version_value": "8.0.0.3"
},
{
"version_value": "8.0.0.4"
},
{
"version_value": "8.0.0.5"
},
{
"version_value": "8.0.0.1"
},
{
"version_value": "8.0.1"
},
{
"version_value": "8.0.1.2"
},
{
"version_value": "8.0.1.3"
},
{
"version_value": "9.0"
},
{
"version_value": "9.0.0.1"
},
{
"version_value": "9.0.1"
},
{
"version_value": "8.0.1.4"
},
{
"version_value": "8.0.1.5"
},
{
"version_value": "9.0.2"
},
{
"version_value": "9.0.2.1"
},
{
"version_value": "9.0.3"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687",
"refsource": "MISC",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
},
{
"name": "100592",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100592"
},
{
"name": "1039227",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039227"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg22006959",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1489",
"datePublished": "2017-08-28T20:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T23:31:41.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4622
Vulnerability from cvelistv5
Published
2010-12-30 18:00
Modified
2024-08-07 03:51
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2010/3329 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/45582 | vdb-entry, x_refsource_BID | |
| http://www-01.ibm.com/support/docview.wss?uid=swg24028829 | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1024927 | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/70158 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/42727 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64306 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:51:17.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2010-3329",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/3329"
},
{
"name": "45582",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45582"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "1024927",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024927"
},
{
"name": "70158",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/70158"
},
{
"name": "42727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42727"
},
{
"name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2010-3329",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/3329"
},
{
"name": "45582",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45582"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "1024927",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024927"
},
{
"name": "70158",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/70158"
},
{
"name": "42727",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42727"
},
{
"name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4622",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2010-3329",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/3329"
},
{
"name": "45582",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45582"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "1024927",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024927"
},
{
"name": "70158",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/70158"
},
{
"name": "42727",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42727"
},
{
"name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4622",
"datePublished": "2010-12-30T18:00:00",
"dateReserved": "2010-12-30T00:00:00",
"dateUpdated": "2024-08-07T03:51:17.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4120
Vulnerability from cvelistv5
Published
2010-10-28 20:00
Modified
2024-08-07 03:34
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/68892 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/68891 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/68885 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2010/2774 | vdb-entry, x_refsource_VUPEN | |
| http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918 | vendor-advisory, x_refsource_AIXAPAR | |
| http://osvdb.org/68890 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/68884 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/68893 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/62750 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/44382 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/68886 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1024633 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/68889 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/68888 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/68894 | vdb-entry, x_refsource_OSVDB | |
| http://osvdb.org/68887 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/41974 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:34:37.796Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68892",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68892"
},
{
"name": "68891",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68891"
},
{
"name": "68885",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68885"
},
{
"name": "ADV-2010-2774",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2774"
},
{
"name": "IZ84918",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
},
{
"name": "68890",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68890"
},
{
"name": "68884",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68884"
},
{
"name": "68893",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68893"
},
{
"name": "tivoli-ebusiness-parm1-xss(62750)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
},
{
"name": "44382",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44382"
},
{
"name": "68886",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68886"
},
{
"name": "1024633",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024633"
},
{
"name": "68889",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68889"
},
{
"name": "68888",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68888"
},
{
"name": "68894",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68894"
},
{
"name": "68887",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68887"
},
{
"name": "41974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/41974"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "68892",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68892"
},
{
"name": "68891",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68891"
},
{
"name": "68885",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68885"
},
{
"name": "ADV-2010-2774",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2774"
},
{
"name": "IZ84918",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
},
{
"name": "68890",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68890"
},
{
"name": "68884",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68884"
},
{
"name": "68893",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68893"
},
{
"name": "tivoli-ebusiness-parm1-xss(62750)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
},
{
"name": "44382",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44382"
},
{
"name": "68886",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68886"
},
{
"name": "1024633",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024633"
},
{
"name": "68889",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68889"
},
{
"name": "68888",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68888"
},
{
"name": "68894",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68894"
},
{
"name": "68887",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68887"
},
{
"name": "41974",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/41974"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68892",
"refsource": "OSVDB",
"url": "http://osvdb.org/68892"
},
{
"name": "68891",
"refsource": "OSVDB",
"url": "http://osvdb.org/68891"
},
{
"name": "68885",
"refsource": "OSVDB",
"url": "http://osvdb.org/68885"
},
{
"name": "ADV-2010-2774",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2774"
},
{
"name": "IZ84918",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
},
{
"name": "68890",
"refsource": "OSVDB",
"url": "http://osvdb.org/68890"
},
{
"name": "68884",
"refsource": "OSVDB",
"url": "http://osvdb.org/68884"
},
{
"name": "68893",
"refsource": "OSVDB",
"url": "http://osvdb.org/68893"
},
{
"name": "tivoli-ebusiness-parm1-xss(62750)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
},
{
"name": "44382",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44382"
},
{
"name": "68886",
"refsource": "OSVDB",
"url": "http://osvdb.org/68886"
},
{
"name": "1024633",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024633"
},
{
"name": "68889",
"refsource": "OSVDB",
"url": "http://osvdb.org/68889"
},
{
"name": "68888",
"refsource": "OSVDB",
"url": "http://osvdb.org/68888"
},
{
"name": "68894",
"refsource": "OSVDB",
"url": "http://osvdb.org/68894"
},
{
"name": "68887",
"refsource": "OSVDB",
"url": "http://osvdb.org/68887"
},
{
"name": "41974",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/41974"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4120",
"datePublished": "2010-10-28T20:00:00",
"dateReserved": "2010-10-28T00:00:00",
"dateUpdated": "2024-08-07T03:34:37.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-0311
Vulnerability from cvelistv5
Published
2010-01-14 19:00
Modified
2024-08-07 00:45
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/37755 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1023447 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/55572 | vdb-entry, x_refsource_XF | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://secunia.com/advisories/38130 | third-party-advisory, x_refsource_SECUNIA | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2010/0108 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/61658 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:45:11.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37755",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37755"
},
{
"name": "1023447",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023447"
},
{
"name": "jsim-unspecified-security-bypass(55572)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
},
{
"name": "275010",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
},
{
"name": "38130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38130"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
},
{
"name": "ADV-2010-0108",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0108"
},
{
"name": "61658",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/61658"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-01-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "37755",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37755"
},
{
"name": "1023447",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023447"
},
{
"name": "jsim-unspecified-security-bypass(55572)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
},
{
"name": "275010",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
},
{
"name": "38130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38130"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
},
{
"name": "ADV-2010-0108",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0108"
},
{
"name": "61658",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/61658"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-0311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37755",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37755"
},
{
"name": "1023447",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023447"
},
{
"name": "jsim-unspecified-security-bypass(55572)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
},
{
"name": "275010",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
},
{
"name": "38130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38130"
},
{
"name": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1",
"refsource": "CONFIRM",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
},
{
"name": "ADV-2010-0108",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0108"
},
{
"name": "61658",
"refsource": "OSVDB",
"url": "http://osvdb.org/61658"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-0311",
"datePublished": "2010-01-14T19:00:00",
"dateReserved": "2010-01-14T00:00:00",
"dateUpdated": "2024-08-07T00:45:11.949Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0494
Vulnerability from cvelistv5
Published
2011-01-19 11:00
Modified
2024-08-06 21:58
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:58:24.526Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "42955",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42955"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
},
{
"name": "45836",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45836"
},
{
"name": "IZ87470",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
},
{
"name": "IZ91620",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
},
{
"name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
},
{
"name": "IZ91619",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
},
{
"name": "IZ87328",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
},
{
"name": "ADV-2011-0138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0138"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "42955",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42955"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
},
{
"name": "45836",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45836"
},
{
"name": "IZ87470",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
},
{
"name": "IZ91620",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
},
{
"name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
},
{
"name": "IZ91619",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
},
{
"name": "IZ87328",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
},
{
"name": "ADV-2011-0138",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0138"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "42955",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42955"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
},
{
"name": "45836",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45836"
},
{
"name": "IZ87470",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
},
{
"name": "IZ91620",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
},
{
"name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
},
{
"name": "IZ91619",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
},
{
"name": "IZ87328",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
},
{
"name": "ADV-2011-0138",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0138"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0494",
"datePublished": "2011-01-19T11:00:00",
"dateReserved": "2011-01-18T00:00:00",
"dateUpdated": "2024-08-06T21:58:24.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-4623
Vulnerability from cvelistv5
Published
2010-12-30 18:00
Modified
2024-08-07 03:51
Severity ?
EPSS score ?
Summary
WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www-01.ibm.com/support/docview.wss?uid=swg24028829 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/64471 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/45665 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:51:17.851Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
},
{
"name": "45665",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45665"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-12-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
},
{
"name": "45665",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45665"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4623",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
},
{
"name": "45665",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45665"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4623",
"datePublished": "2010-12-30T18:00:00",
"dateReserved": "2010-12-30T00:00:00",
"dateUpdated": "2024-08-07T03:51:17.851Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-11-27 00:30
Modified
2024-11-21 00:53
Severity ?
Summary
webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_access_manager_for_e-business | 6.0.0.17 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "94B170D8-F1F6-4983-9741-E822ADEF99E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan."
},
{
"lang": "es",
"value": "webseald en WebSEAL 6.0.0.17 en IBM Tivoli Access Manager para e-busines permite a atacantes remotos provocar una denegaci\u00f3n de servicio (caida o cuelgue) mediante peticiones HTTP, como lo demuestr\u00f3 una b\u00fasqueda de vulnerabilidades de McAfee."
}
],
"id": "CVE-2008-5257",
"lastModified": "2024-11-21T00:53:40.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-27T00:30:00.313",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32755"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/32461"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/32461"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:53
Severity ?
Summary
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B7681DCD-F704-4D87-B464-4BF43910CAEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D24097DF-065B-49C3-AC07-8358C0E462A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7319E4CB-5F62-4584-AD9A-3031F6B602B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_identity_manager_solution:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BF5FC716-66E9-41CF-BB0C-2E68C4FC14DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_configuration_manager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "193DDA4D-BC65-4F30-8333-01DACDEF9213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_configuration_manager_for_atm:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "332D58A2-602A-4448-A508-AB7DC2E524F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_secureway_policy_director:3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "A8A0D65D-4DF7-4A95-81A9-8B97AA44A2D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_everyplace_server:2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23A16347-2CC0-4104-8396-BDB83FBD83EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_everyplace_server:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "96130CA9-CD7D-401A-81D0-CAFC9D5BCF98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_everyplace_server:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "521C7EC4-D410-41F2-A455-F4165B569B49",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka \"Potential Credential Impersonation Attack.\""
}
],
"id": "CVE-2004-2558",
"lastModified": "2024-11-20T23:53:39.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11761"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10449"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11761"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/10449"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-10-28 21:00
Modified
2024-11-21 01:20
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_access_manager_for_e-business | 6.1.0 | |
| ibm | tivoli_access_manager_for_e-business | 6.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CAE25B3-55F6-4D93-9110-26323F5D6CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBFAE1-351E-4E9F-877E-E9BBB50FCFF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en la cosola TAM de IBM Tivoli Access Manager para e-business v6.1.0 anterior a v6.1.0-TIV-TAM-FP0006 permite a los atacantes remotos inyectar c\u00f3digo web o HTML a trav\u00e9s de (1) el par\u00e1metro parm1 de ivt/ivtserver, o el par\u00e1metro method de (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, o (11) webseal en ibm/wpm/."
}
],
"evaluatorSolution": "Per: http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918\r\n\r\n\u0027The fix for this APAR is expected to be contained in the following maintenance delivery vehicle: fix pack | 6.1.0-TIV-TAM-FP0006\u0027\r\n",
"id": "CVE-2010-4120",
"lastModified": "2024-11-21T01:20:17.170",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2010-10-28T21:00:01.887",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68884"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68885"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68886"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68887"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68888"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68889"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68890"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68891"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68892"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68893"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/68894"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41974"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024633"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/44382"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2774"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68884"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68885"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68887"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68889"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68890"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68891"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68893"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/41974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024633"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/44382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-01-14 19:30
Modified
2024-11-21 01:11
Severity ?
Summary
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | java_system_identity_server | 8.1.0.5 | |
| sun | java_system_identity_server | 8.1.0.6 | |
| ibm | tivoli_access_manager_for_e-business | * | |
| sun | java_system_access_manager | * | |
| sun | opensso_enterprise | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sun:java_system_identity_server:8.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDA71AD-2BAE-42DC-A050-76B4932141B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sun:java_system_identity_server:8.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "28F834A5-E3BE-4A83-83C3-1EF5FB2F10D1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B1AACE9A-B450-433E-AF0D-06A82D728AD5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:java_system_access_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B2402481-C481-4FB6-9415-2504B3B93F7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:sun:opensso_enterprise:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D05F3A1-C5F3-43CA-9150-17FE55A89A30",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Sun Java System Identity Manager (tambi\u00e9n conocido como IdM) v8.1.0.5 y v8.1.0.6, cuando se usa con Sun Java System Access Manager, OpenSSO Enterprise v8.0 o IBM Tivoli Access Manager, permite a atacantes remotos obtener acceso como administrador a trav\u00e9s de vectores desconocidos."
}
],
"id": "CVE-2010-0311",
"lastModified": "2024-11-21T01:11:57.267",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-01-14T19:30:00.547",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/61658"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38130"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1023447"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/37755"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0108"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/61658"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/38130"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-141642-08-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275010-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37755"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/55572"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-30 19:00
Modified
2024-11-21 01:21
Severity ?
Summary
WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_access_manager_for_e-business | 6.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBFAE1-351E-4E9F-877E-E9BBB50FCFF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions."
},
{
"lang": "es",
"value": "WebSEAL en el gestor de acceso IBM Tivoli para e-business 6.1.1 anteriores a 6.1.1-TIV-AWS-FP0001 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (consumo del hilo de trabajo) a trav\u00e9s de acciones shift-reload."
}
],
"id": "CVE-2010-4623",
"lastModified": "2024-11-21T01:21:23.200",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-30T19:00:06.737",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45665"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-01-19 12:00
Modified
2024-11-21 01:24
Severity ?
Summary
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_access_manager_for_e-business | 5.1 | |
| ibm | tivoli_access_manager_for_e-business | 5.1.0.10 | |
| ibm | tivoli_access_manager_for_e-business | 6.0.0 | |
| ibm | tivoli_access_manager_for_e-business | 6.0.0.17 | |
| ibm | tivoli_access_manager_for_e-business | 6.0.0.23 | |
| ibm | tivoli_access_manager_for_e-business | 6.1.0 | |
| ibm | tivoli_access_manager_for_e-business | 6.1.0.3 | |
| ibm | tivoli_access_manager_for_e-business | 6.1.0.4 | |
| ibm | tivoli_access_manager_for_e-business | 6.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7319E4CB-5F62-4584-AD9A-3031F6B602B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:5.1.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "20FA6E05-2048-457E-BCD8-C08477AA2D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C419CCFC-9DDE-4018-BECA-5AB6B3ADDCE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "94B170D8-F1F6-4983-9741-E822ADEF99E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.0.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9D32F9-218E-4CAA-82C2-A3D05C5CDC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CAE25B3-55F6-4D93-9110-26323F5D6CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B0FD7F-8007-41F8-A0B3-0C11B9F6D2BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C7255EFB-AE47-45E9-853E-5242D350A04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBFAE1-351E-4E9F-877E-E9BBB50FCFF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en WebSEAL para IBM Tivoli Access Manager para e-business v5.1 anterior a v5.1.0.39-TIV-AWS-IF0040, v6.0 anterior a v6.0.0.25-TIV-AWS-IF0026, v6.1.0 anterior a v6.1.0.5-TIV-AWS-IF0006, y v6.1.1 anterior a v6.1.1-TIV-AWS-FP0001 tiene un impacto y vectores de ataque no especificados.NOTA: esto puede superponerse a CVE-2010-4622"
}
],
"id": "CVE-2011-0494",
"lastModified": "2024-11-21T01:24:08.153",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-01-19T12:00:22.937",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42955"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/45836"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0138"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/45836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-08-29 01:35
Modified
2024-11-21 03:21
Severity ?
Summary
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=swg22006959 | Vendor Advisory | |
| psirt@us.ibm.com | http://www.securityfocus.com/bid/100592 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | http://www.securitytracker.com/id/1039227 | Third Party Advisory, VDB Entry | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/128687 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=swg22006959 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/100592 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039227 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/128687 | VDB Entry, Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CAE25B3-55F6-4D93-9110-26323F5D6CF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB8C962-AAEA-4005-BC6B-7768310295E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86E64D67-84B1-4B22-B68C-AAFA68149206",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D3B0FD7F-8007-41F8-A0B3-0C11B9F6D2BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C7255EFB-AE47-45E9-853E-5242D350A04E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "26F1E4CC-0FE8-4D18-9507-74131B8F21E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "624215F6-12DE-42B5-98AE-29F30C759690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B57D6417-ECB7-4A02-8C01-6E85087AD073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "92FF03BE-E1FC-491A-BBA5-0C67B9EC0F1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9EFD7C-D827-4079-BBA5-38601F1DA571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "C54E2A37-F451-4109-A367-A35D38D8E44C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "24BBDD80-3EBA-4F5E-89BC-4107431B813F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "2826D12C-893B-4045-98C0-60FDBB5EC252",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "1678A4B5-E2BB-41A2-9238-D0D34B189D1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "B4412073-8390-46B3-94A6-20D7B8075838",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "0E0AE0FD-6595-4132-8715-D2B859B04EB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "4256CF5F-8B99-4C5D-B67B-840DE56412EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "7CA0D2F3-31B5-4AF8-B6E0-6795A240F094",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "37632E93-91AA-47A6-9EF7-EB5A6FC4B843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "937C104A-74B7-4FC4-B436-42C14C4E4339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E4449E78-A1A2-423C-A9A4-5AB8ED7B1D3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "32B351D1-5DB8-4C6D-8CA8-C22E6DE66D21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "FC8671CD-4FEA-4408-B594-ED8B7BD8543F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "CEB5C09B-0681-42A1-AF82-15E91CD94787",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "1083BB5E-C153-46D1-8FEE-63AEB52B5546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "59231981-02BF-4998-A86F-BFF6B4B79CED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E912624A-33B5-4AF5-96DB-292C14B0A37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "DB434802-50F4-4FCB-B674-C92FC5046140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "A0553613-6429-4202-B9F1-CB2F58412D82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "EC68FC7C-F67D-44C7-AAA7-ECD2DB27C286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7D529E-724A-4AC6-91AA-9C771C980471",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "12664D6B-1DF6-455E-99CB-08AF7A3C926E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBFAE1-351E-4E9F-877E-E9BBB50FCFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE91D383-8FCF-4352-9DE4-306F99171785",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "318A64DE-04E9-4A55-85D7-1079EECD7175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8961882B-0715-4B61-8343-9225BDDBC9E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "699C6485-0FA4-47EE-9081-0332D0B1F8AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6165F468-26EE-4AA7-B806-007F78AFD754",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "25C01EE0-7BE2-420C-B538-A15589D9A019",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6DFB52D6-9F29-49C1-83CC-CE662253488B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B4B247D8-4BEC-41BC-822E-5C31A8AECCAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "8A32A31D-266C-47D9-B11D-3C2DAEF6A025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "8D32BB3A-3404-4B3B-AEBF-BF40B0CDC426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2958706F-D4E1-41C0-A341-2E045A110E68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "4E149CF2-75F4-43E8-9B1C-657D95403AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "FE300627-1032-405E-96CC-B8CDF03C2326",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "745799EB-8664-40D6-907B-9B8F640860E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.15:*:*:*:*:*:*:*",
"matchCriteriaId": "097C64C6-9C0E-463A-8EEB-2906D9131887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "CEF8D79D-0859-4943-A3A9-0C2F4183A9B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "8F491FA5-27ED-454B-850E-76DF60960D69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "24610D16-7235-4EE2-AF20-AAAFCDF749D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "DB4406DA-9DC1-4F76-9D2B-BE5BD8FB31F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.20:*:*:*:*:*:*:*",
"matchCriteriaId": "AC7E8F5B-743B-4778-B096-1A2F950A31BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "3930684E-FA31-42CB-8750-097ABEBE643B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.22:*:*:*:*:*:*:*",
"matchCriteriaId": "7B733C54-4DDA-4491-A6A0-F07D7D879900",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.23:*:*:*:*:*:*:*",
"matchCriteriaId": "3F34676D-8537-4C7A-9C25-EF6973C0AD81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "1A8CB2D8-D1EC-429B-8C8B-48AF082C5FD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.25:*:*:*:*:*:*:*",
"matchCriteriaId": "C3B0FF96-BF36-40A7-99B5-9904785D4A7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.26:*:*:*:*:*:*:*",
"matchCriteriaId": "E08CB452-3475-4143-AD28-550E130A33B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.27:*:*:*:*:*:*:*",
"matchCriteriaId": "4D86E921-FF6A-4045-B853-0D6F86BF2475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.28:*:*:*:*:*:*:*",
"matchCriteriaId": "B582DA4C-9457-4EDD-A47B-66DB213198AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.29:*:*:*:*:*:*:*",
"matchCriteriaId": "575D7BEE-0DB2-435D-844E-387590EF087A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1.30:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9BAD4E-9F38-4AB7-A566-834A97CD1A86",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BACDCBD6-EEF3-4259-9866-A89105AA4C19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "536755AC-3FA7-4FA4-8CA3-0E1D4CB0FB43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "68DB06C6-84B3-4DC6-AEE9-9DA49715A3BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B894B409-DC42-4FA4-8864-387635B55F12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B52B9A91-EDAF-43CC-A271-02ADCD691875",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3F740591-A399-49AC-911B-9ADD117B5BEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EB9A2D-0ABF-46C3-A742-959CC39070DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4B832D0A-923B-4F4B-9F81-BA1BA2E7A920",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F4EA2E35-08D1-4A2F-8941-0C87DF1BFC2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "A953FA93-A982-4104-8D6A-685E53613691",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "BE0028F4-5A36-4597-9830-46CFE5CF2EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "FE607CA8-FB8A-4373-A345-822D5ABEA408",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "0CB32198-9382-43CC-9079-08D2162B4C79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "4336D4DD-5DE4-441E-B852-A2E1409953CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "FDCBBC83-DCE2-4522-9808-8EFA63485388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "66159D17-FAB8-408A-90FA-62E9F840B568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "0D79656C-0F25-4647-BE54-AAF0336C7BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "940F82D3-5809-42DC-92B5-F699C34F6996",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "6994DE96-2967-4C7C-A896-B68E064C41C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "55734E7A-D2CA-490F-8BAC-F47CE1A2F3FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "E9047D70-83D3-4D45-8A16-4299A0D06D17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "65F66744-ABFA-4EB1-ACFB-FF88E0F20BBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "33C28A38-46FA-4878-9F03-D9ACB510ED88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "9D2EC653-CE7B-45A2-AB9F-F760646A4682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "94EF01E4-FBF5-4AF5-A6E8-BECF6052F72F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "2F0E063D-2C5E-4619-9176-9D28716BEDC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "CC30B443-ACDB-4D10-88F2-07DAF8684C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "E843FD37-844C-4359-9465-30C95B5F0831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE19EBF-68CA-4075-9A6D-B3DB7FF5DB6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "D424803C-85C3-4860-B842-93B98554070D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "DC489116-D486-4388-8E93-E6E98EA81868",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53A3B2B3-52B4-4086-9092-364649265F5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E24ACD0C-D825-4B2B-9483-66F0B815CB24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2CD382BC-2AA1-448E-BC8E-CAB2408995BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23A074B8-A709-44F1-9CB9-7BF2590989C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3F73936C-442D-4857-99B3-605E55D82833",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "54243412-CB97-4752-A31A-3CB6A757E495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BD9CF344-C187-4D60-8C90-2FB459883D6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "97AF8910-3F9A-407F-9834-B57D5807693D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DFB1BA86-C809-414E-8F58-2B6101518FB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC1634D4-28AB-4F12-B5FB-D32742F5836B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1EA35BD4-8738-47D3-A8F0-F9ABE4AEB985",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "344FE134-DE7B-4925-875E-097DD0AB9AC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "674FFA61-8F2A-43FB-BF51-68700698703C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "332D3784-C24E-45A7-880B-0C4A32687B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "CF0738FC-EAC8-45C4-ADA9-06DBE3D9EADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "837D32E7-CFB7-462B-8479-E9811C149775",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BE362F-72B3-481A-ABF4-4A36F4535F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "C73DE810-1D11-4480-AF62-DC37F22DCC71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "31D161F8-D61A-40DF-AA14-5256DD394082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "154B6E05-54C8-4271-A904-21CA6A2E6F6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.20:*:*:*:*:*:*:*",
"matchCriteriaId": "6389F03A-3547-44B1-9603-947735FC31B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "E2735E77-B9ED-4608-AFA5-969E039C82F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "0C58102A-8817-4656-AB85-07D60CB2D10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "461046D0-29C2-4152-B4D2-C60E9A04EE07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "99EB7777-7CA5-41CB-98BC-AFC254E02C6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "0CFFABA7-86BD-4201-89F9-0F61E673DB90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.26:*:*:*:*:*:*:*",
"matchCriteriaId": "F472F171-9FF2-4C44-AF5B-9CBA19E62A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "5675CDEE-09CB-49D9-8C71-0CD71238129F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "69978C3B-708B-4CDC-8FA0-65A98F2223E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "74CAA03E-DE79-4527-918D-EA219DC2DA84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web_appliance:7.0.0.30:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB312B8-7B65-4CE9-B399-2896450B5647",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A4AD958-FDB2-4F63-AD4F-C88B33BFA692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "397073E9-9696-4B4C-926D-668EA4A52E7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "643E7B97-17AB-4209-804E-79E94F3D671F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F807870-4976-43E1-89BE-F08DEEE109CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B2B3E49D-08E6-44CF-B034-D155247B5DB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F50A5E-111B-4CF6-A531-FE88E7735140",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D54372BE-6201-48AB-A720-F29E931E52B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "BCCE958E-6DFA-403E-B251-F5BA7825A546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "9DA2F71C-E15F-4729-A0D9-C8C116819546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39017599-E63F-4101-8D37-62D9B0CE6917",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB037932-234B-41AD-8119-D964796ADDFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8BA1DA71-91C8-4989-98B9-E924ED7B272A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3F884817-A712-4A89-B199-2E2483CD8363",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "52F627D1-6FB4-47A2-817D-F9EC914DAC51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6C428319-FFE3-4365-ABFE-1E6D1CABC0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "79613B00-9B72-43BB-A42A-3BB191021ED7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF1B0C02-D5D9-4F10-9120-C76D39D5C323",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "44310E32-EA05-420B-8676-4E6EEAFB6631",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B93CED0-E8FA-4238-8963-46074D11A334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "907BB0CF-D270-4493-8D61-9841E6C5FE45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E0801BD2-D95B-4703-9804-A555F9E7BA19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "525EF7EC-712E-4C84-A15C-B2A30BD11A01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2EE90667-0C16-4E4B-98DC-A6AD7A073D64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "049DD26B-9CF5-4E0C-812E-76A1224A15FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "909073A4-C6D5-47D7-911F-C855DB693EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A523C406-D64C-4CE6-8CBE-34D4C060E0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "707F0FE4-EC91-44FF-AA21-1E2A99AC5C26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F0D646B2-7308-43A0-AE76-873946FB024E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4B1988E5-DFE6-4282-B9D3-6655297B481B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4BEF4063-73D7-416D-AD21-CDC1C0534677",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A8DFC0D0-2326-40CA-B4CC-65194566DA98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1A180463-EDE0-47DB-A031-979E73AA2A33",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9FF57E01-A333-49D7-8B25-D65B66410DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B67748-2677-44E7-B43D-857EBCA926C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2AEE420D-4686-4C58-B77A-2E509983F4C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D2C9CD3B-A25E-4DD1-9955-39E6E1EB4DC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA399A01-351E-4587-9B0B-804452F09832",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC682158-A8A0-4D2D-9ACD-ADF4093B7ECC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:security_access_manager:9.0.3.0:if1:*:*:*:*:*:*",
"matchCriteriaId": "A483F61A-0DAC-43DB-B69B-37A6207C1CF4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
},
{
"lang": "es",
"value": "Las configuraciones e-community de IBM Security Access Manager 6.1, 7.0, 8.0, y 9.0 podr\u00edan estar afectadas por una vulnerabilidad de redirecci\u00f3n. ECSSO Master Authentication puede redireccionar a un servidor que no participa en un dominio e-community. IBM X-Force ID: 128687."
}
],
"id": "CVE-2017-1489",
"lastModified": "2024-11-21T03:21:57.647",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-29T01:35:13.517",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100592"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039227"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/100592"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039227"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-06 23:02
Modified
2024-11-21 00:06
Severity ?
Summary
Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_access_manager_for_e-business | 5.1.0.10 | |
| ibm | tivoli_access_manager_for_e-business | 6.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:5.1.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "20FA6E05-2048-457E-BCD8-C08477AA2D98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C419CCFC-9DDE-4018-BECA-5AB6B3ADDCE0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
}
],
"id": "CVE-2006-0513",
"lastModified": "2024-11-21T00:06:38.227",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-06T23:02:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18725"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/412"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1015582"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/16494"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0442"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18725"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://securitytracker.com/id?1015582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/16494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-12-30 19:00
Modified
2024-11-21 01:21
Severity ?
Summary
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_access_manager_for_e-business | 6.1.1 | |
| ibm | aix | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_access_manager_for_e-business:6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8FDBFAE1-351E-4E9F-877E-E9BBB50FCFF8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en WebSEAL del gestor de acceso IBM Tivoli para e-business 6.1.1 anteriores a la 6.1.1-TIV-AWS-FP0001 en AIX permite a atacantes remotos leer ficheros de su elecci\u00f3n a trav\u00e9s de %uff0e%uff0e (codificaci\u00f3n de punto punto) en una URI."
}
],
"id": "CVE-2010-4622",
"lastModified": "2024-11-21T01:21:23.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-12-30T19:00:06.690",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42727"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024927"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/70158"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/45582"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3329"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/70158"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/45582"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/3329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}