Vulnerabilities > CVE-2010-4623 - Resource Management Errors vulnerability in IBM Tivoli Access Manager for E-Business 6.1.1

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
ibm
CWE-399
nessus

Summary

WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.

Vulnerable Configurations

Part Description Count
Application
Ibm
1

Common Weakness Enumeration (CWE)

Nessus

NASL familyMisc.
NASL idTIVOLI_ACCESS_MANAGER_EBIZ_WEBSEAL_MULTIVULN.NASL
descriptionAccording to its self-reported version, the install of the IBM Tivoli Access Manager for e-Business WebSEAL component is affected by the following vulnerabilities : - An input validation error exists that could allow directory traversal attacks having an unspecified impact. (CVE-2010-4622, CVE-2011-0494) - An error exists related to
last seen2020-06-01
modified2020-06-02
plugin id70139
published2013-09-26
reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/70139
titleIBM Tivoli Access Manager for e-Business WebSEAL Multiple Vulnerabilities