threat
engine
.sh
Back
·
··:··
Home
/
Product
/
ibm security access manager for mobile 8.0 firmware
Product
ibm security access manager for mobile 8.0 firmware
13 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2016-3029
all versions
IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious
8.8
HIGH
CVE-2016-3027
all versions
IBM Security Access Manager for Web is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error w
6.5
MEDIUM
CVE-2016-3024
all versions
IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.
4.0
MEDIUM
CVE-2016-3023
all versions
IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invali
5.3
MEDIUM
CVE-2016-3022
all versions
IBM Security Access Manager for Web could allow an authenticated user to gain access to highly sensitive information due to incorr
6.5
MEDIUM
CVE-2016-3021
all versions
IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using
2.7
LOW
CVE-2016-3017
all versions
IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfiguration
7.5
HIGH
CVE-2016-3016
all versions
IBM Security Access Manager for Web processes patches, image backups and other updates without sufficiently verifying the origin a
4.4
MEDIUM
CVE-2016-2908
all versions
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE
9.1
CRITICAL
CVE-2014-6079
all versions
Cross-site scripting (XSS) vulnerability in the Local Management Interface in IBM Security Access Manager for Web 7.x before 7.0.0
CVE-2014-4823
all versions
The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0
CVE-2014-7169
all versions
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environme
9.8
CRITICAL
CVE-2014-6271
all versions
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows re
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin