VYPR

Tivoli Federated Identity Manager

by IBM

CVEs (22)

  • CVE-2009-5083Aug 12, 2011
    risk 0.00cvss epss 0.01

    IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via…

  • CVE-2008-7299Aug 12, 2011
    risk 0.00cvss epss 0.01

    IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2 uses an incomplete SAML 1.x browser-artifact, which allows remote OpenID providers to spoof assertions via vectors related to the Issuer field.

Page 2 of 2