RSS   Podatności dla
'Security privileged identity manager virtual appliance'
   RSS

2016-09-26
 
CVE-2016-5974

 

 
Cross-site scripting (XSS) vulnerability in the Web UI in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to inject arbitrary web script or HTML via an embedded string.

 
 
CVE-2016-5972

 

 
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 uses weak permissions for unspecified resources, which allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors.

 
 
CVE-2016-5971

 

 
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

 
 
CVE-2016-5970

 

 
Directory traversal vulnerability in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.

 
 
CVE-2016-5963

 

 
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 does not properly validate updates, which allows remote authenticated users to execute arbitrary code via unspecified vectors.

 
 
CVE-2016-5957

 

 
IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8 allows remote attackers to defeat cryptographic protection mechanisms and obtain sensitive information by leveraging a weak algorithm.

 
 
CVE-2016-3040

 

 
IBM WebSphere Application Server (WAS) Liberty, as used in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

 

 >>> Vendor: IBM 1045 Produkty
AIX
Http server
Communications server
SNG
JAVA
Lotus domino mail server
Lotus notes
OS2
AFS
GINA
Lotus domino server
Aix enetwork firewall
Websphere application server
Domino
Lotus cc mail
Tivoli opc tracker agent
Netfinity remote control
System data repository
Homepageprint
Navio nc browser
Network station manager
Net.data
Os2 ftp server
As400 firewall
Http server ssl module common
Lotus domino
Tivoli management framework
Db2 universal database
Websphere plugin
Net.commerce
Net.commerce hosting server
Websphere commerce suite
High availability cluster multiprocessing
Aix snmp
Tivoli netview
4758
Informix web datablade
Tivoli secureway policy director
Hacmp
Alphaworks tftp server
Secureway directory
Lotus domino r5
Visualage for java
SDK
Tivoli storage manager
Informix
Websphere caching proxy server
Secureway firewall
U2 universe
Autofs
Aix parallel systems support programs
Os 400
Infoprint 21
Lotus notes client
Lotus domino web server
Director
DB2
Tivoli firewall toolbox
Internet security systems blackice defender
Cloudscape
Acprunner
Websphere edge server caching proxy
Ds4100
Director agent
Mcs-7815-1000
Mcs-7815i-2.0
Mcs-7835i-2.4
Mcs-7835i-3.0
X330
X340
X342
X345
Informix dynamic server
Informix extended parallel server
Parallel environment
Trading partner interchange
Tivoli directory server
Data ontap
Tivoli access manager for e-business
Tivoli access manager identity manager solution
Tivoli configuration manager
Tivoli configuration manager for atm
Websphere everyplace server
Egatherer
Hardware management console
Client access
Iseries as 400
Rational clearquest
Lotus domino enterprise server
Db2 content manager
Informix dynamic database server
Workflow
Lotus domino inotes client
Tivoli business systems manager
Interact
Network appliance data ontap
Lotus domino web access
Inventory scout
Client security password manager
Informix client sdk
Zobacz wszystkie produkty dla producenta IBM


Copyright 2024, cxsecurity.com

 

Back to Top