Vulnerabilities > IBM > Tivoli Identity Manager > 5.0.0.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-06-08 | CVE-2014-0961 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Identity Manager and Tivoli Identity Manager Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 6.0 |
2009-07-23 | CVE-2009-2583 | Improper Input Validation vulnerability in IBM Tivoli Identity Manager 5.0.0.6 Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces. | 6.8 |