Skip to main content

Security Identity Manager Virtual Appliance

2 CVEs product

Monthly

CVE-2016-9704 MEDIUM PATCH This Month

IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Security Identity Manager Virtual Appliance
NVD
CVSS 3.0
6.1
EPSS
0.3%
CVE-2016-9703 LOW PATCH Monitor

IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity.

Session Fixation IBM Information Disclosure Security Identity Manager Virtual Appliance
NVD
CVSS 3.0
2.4
EPSS
0.1%
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Security Identity Manager Virtual Appliance
NVD
EPSS 0% CVSS 2.4
LOW PATCH Monitor

IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity.

Session Fixation IBM Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy