VYPR

Tivoli Access Manager For E Business

by IBM

CVEs (8)

  • CVE-2017-1489MedAug 29, 2017
    risk 0.40cvss 6.1epss 0.01

    IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.

  • CVE-2006-0513Feb 6, 2006
    risk 0.04cvss epss 0.09

    Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.

  • CVE-2010-4120Oct 28, 2010
    risk 0.03cvss epss 0.03

    Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method…

  • CVE-2011-0494Jan 19, 2011
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. …

  • CVE-2010-4623Dec 30, 2010
    risk 0.00cvss epss 0.01

    WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.

  • CVE-2010-4622Dec 30, 2010
    risk 0.00cvss epss 0.03

    Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI.

  • CVE-2008-5257Nov 27, 2008
    risk 0.00cvss epss 0.01

    webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan.

  • CVE-2004-2558Dec 31, 2004
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace…