Vulnerabilities > IBM > Security Privileged Identity Manager > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-02	CVE-2018-1623	Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.1.1 IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 allows web pages to be stored locally which can be read by another user on the system. local low complexity ibm CWE-200	3.3
2018-02-21	CVE-2016-0366	Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0 IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 might allow remote attackers to obtain sensitive information by leveraging weak encryption. network high complexity ibm CWE-200	3.7
2016-11-24	CVE-2016-0353	7PK - Security Features vulnerability in IBM Security Privileged Identity Manager 2.0.0/2.0.1/2.0.2 IBM Security Privileged Identity Manager 2.0 before 2.0.2 FP8, when Virtual Appliance is used, does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session. network high complexity ibm CWE-254	3.7

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.