VYPR
Low severity2.4NVD Advisory· Published Feb 1, 2017· Updated Jun 17, 2026

CVE-2016-9703

CVE-2016-9703

Description

IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information.

Affected products

11
  • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.0.0:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:security_identity_manager_virtual_appliance:7.0.1.4:*:*:*:*:*:*:*
    • (no CPE)
  • IBM Corporation/Identity Managerv5
    Range: 6.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.