Vulnerabilities > CVE-2010-4623 - Resource Management Errors vulnerability in IBM Tivoli Access Manager for E-Business 6.1.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Misc. |
NASL id | TIVOLI_ACCESS_MANAGER_EBIZ_WEBSEAL_MULTIVULN.NASL |
description | According to its self-reported version, the install of the IBM Tivoli Access Manager for e-Business WebSEAL component is affected by the following vulnerabilities : - An input validation error exists that could allow directory traversal attacks having an unspecified impact. (CVE-2010-4622, CVE-2011-0494) - An error exists related to |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 70139 |
published | 2013-09-26 |
reporter | This script is Copyright (C) 2013-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/70139 |
title | IBM Tivoli Access Manager for e-Business WebSEAL Multiple Vulnerabilities |