IBM » Security Access Manager For Web 8.0 Firmware : Security Vulnerabilities, CVEs, CVSS score >= 9
IBM Single Sign On for Bluemix could allow a remote attacker to obtain sensitive information, caused by a XML external entity (XXE) error when processing XML data by the XML parser. A remote attacker could exploit this vulnerability to read arbitrary files on the system or cause a denial of service.
Max CVSS
9.1
EPSS Score
0.41%
Published
2017-02-01
Updated
2020-10-27
The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors.
Max CVSS
10.0
EPSS Score
2.38%
Published
2014-10-03
Updated
2017-08-29
2 vulnerabilities found