Vulnerabilities > IBM > Security Access Manager FOR WEB Software

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2017-1489 Open Redirect vulnerability in IBM products
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability.
network
ibm CWE-601
5.8
5.8
2014-06-21 CVE-2014-3073 Remote Code Execution vulnerability in IBM Security Access Manager
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.
network
low complexity
ibm
critical
 10.0
10
2014-06-21 CVE-2014-3053 Improper Authentication vulnerability in IBM products
The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.
low complexity
ibm CWE-287
8.0
8.0
2014-05-08 CVE-2014-0963 Resource Management Errors vulnerability in IBM products
The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.
network
ibm CWE-399
7.1
7.1