This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Ibm First view 2015-11-08
Product Security Access Manager For Web Last view 2018-06-06
Version Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:ibm:security_access_manager_for_web

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2018-06-06 CVE-2017-1480

IBM Security Access Manager Appliance 8.0.0 through, and 9.0.0 through stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617.

5.9 2018-06-06 CVE-2017-1476

IBM Security Access Manager Appliance 7.0.0, 8.0.0 through, and 9.0.0 through could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 128610.

5.3 2018-06-06 CVE-2017-1474

IBM Security Access Manager Appliance 7.0.0, 8.0.0 through, and 9.0.0 through discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 128606.

7.5 2015-11-08 CVE-2015-4963

IBM Security Access Manager for Web 7.x before and 8.x before mishandles WebSEAL HTTPTransformation requests, which allows remote attackers to read or write to arbitrary files via unspecified vectors.

CWE : Common Weakness Enumeration

50% (2) CWE-200 Information Exposure
25% (1) CWE-532 Information Leak Through Log Files
25% (1) CWE-17 Code