Vulnerabilities > IBM > Security Access Manager > 10.0.7.1

DATE CVE VULNERABILITY TITLE RISK
2024-06-28 CVE-2024-35137 Weak Password Requirements vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to possibly elevate their privileges due to sensitive configuration information being exposed.
local
low complexity
ibm CWE-521
6.2
6.2
2024-06-28 CVE-2024-35139 Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions.
local
low complexity
ibm
5.5
5.5
2024-06-27 CVE-2023-30997 Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls.
local
low complexity
ibm
7.8
7.8
2024-06-27 CVE-2023-30998 Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls.
local
low complexity
ibm
7.8
7.8
2024-06-27 CVE-2023-38368 Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could disclose sensitive information to a local user to do improper permission controls.
local
low complexity
ibm
5.5
5.5
2024-06-27 CVE-2023-38370 Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1, under certain configurations, could allow a user on the network to install malicious packages.
network
low complexity
ibm
6.5
6.5
2024-06-27 CVE-2023-38371 Unspecified vulnerability in IBM Security Access Manager 10.0.0.0/10.0.7.1
IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm
7.5
7.5