Vulnerabilities > IBM > Security Identity Manager Virtual Appliance > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-01 | CVE-2019-4704 | Missing Encryption of Sensitive Data vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2 IBM Security Identity Manager Virtual Appliance 7.0.2 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2019-07-11 | CVE-2018-1968 | Information Exposure vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.1/7.0.1.12 IBM Security Identity Manager 7.0.1 discloses sensitive information to unauthorized users. | 5.3 |
2018-02-21 | CVE-2016-0367 | Information Exposure vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. | 4.3 |
2017-02-01 | CVE-2016-9704 | Cross-site Scripting vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. | 6.1 |