Vulnerabilities > IBM > Security Identity Manager > 7.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-04 | CVE-2019-4675 | Use of Hard-coded Credentials vulnerability in IBM Security Identity Manager 7.0.1 IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.5 |
| 2020-02-04 | CVE-2019-4674 | Path Traversal vulnerability in IBM Security Identity Manager 7.0.1 IBM Security Identity Manager 7.0.1 could allow a remote attacker to traverse directories on the system. | 4.0 |
| 2019-02-04 | CVE-2019-4038 | Code Injection vulnerability in IBM Security Identity Manager IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. | 6.2 |
| 2019-02-04 | CVE-2018-1962 | Session Fixation vulnerability in IBM Security Identity Manager IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed. | 2.1 |
| 2019-01-24 | CVE-2018-1959 | Use of Hard-coded Credentials vulnerability in IBM Security Identity Manager IBM Security Identity Manager 7.0.1 Virtual Appliance contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 4.6 |
| 2018-06-08 | CVE-2018-1453 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Security Identity Manager 7.0/7.0.1 IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. | 6.5 |
| 2018-06-08 | CVE-2017-1405 | Insufficient Verification of Data Authenticity vulnerability in IBM Security Identity Manager 7.0/7.0.1 IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. | 4.0 |