Vulnerabilities > IBM > Security Access Manager FOR WEB > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-06-06 CVE-2017-1480 Information Exposure Through Log Files vulnerability in IBM products
IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user.
network
low complexity
ibm CWE-532
4.3
4.3
2018-06-06 CVE-2017-1476 Information Exposure vulnerability in IBM products
IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.
network
high complexity
ibm CWE-200
5.9
5.9
2018-06-06 CVE-2017-1474 Information Exposure vulnerability in IBM products
IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 discloses sensitive information to unauthorized users.
network
low complexity
ibm CWE-200
5.3
5.3
2017-08-29 CVE-2017-1489 Open Redirect vulnerability in IBM products
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability.
network
low complexity
ibm CWE-601
6.1
6.1
2017-02-01 CVE-2016-3018 Cross-site Scripting vulnerability in IBM products
IBM Security Access Manager for Web is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
6.1
6.1