Security_access_manager - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Security_access_manager
(Ibm)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	47

Date	Id	Summary	Products	Score	Patch	Annotated
2020-10-12	CVE-2020-4661	IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system. IBM X-Force ID: 186142.	Security_access_manager, Security_verify_access	5.3
2020-10-15	CVE-2020-4499	IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications. IBM X-Force ID: 182216.	Security_access_manager, Security_verify_access	9.8
2021-07-15	CVE-2021-20439	IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.	Security_access_manager, Security_verify_access	7.5
2024-06-27	CVE-2023-38371	IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 261198.	Security_access_manager	7.5
2024-06-27	CVE-2023-30997	IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254638.	Security_access_manager	7.8
2024-06-27	CVE-2023-30998	IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254649.	Security_access_manager	7.8
2024-06-27	CVE-2023-38368	IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls. IBM X-Force ID: 261195.	Security_access_manager	5.5
2024-06-27	CVE-2023-38370	IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could allow a user on the network to install malicious packages. IBM X-Force ID: 261197.	Security_access_manager	6.5
2024-06-28	CVE-2024-35137	IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed. IBM X-Force ID: 292413.	Security_access_manager	6.2
2024-06-28	CVE-2024-35139	IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: 292415.	Security_access_manager	5.5