Search Results | AttackerKB

Show filters

Topics 15 Users 9,710

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

15 Total Results

Displaying 1-10 of 15

Attacker Value

Unknown

CVE-2016-0351

Disclosure Date: February 21, 2018 (last updated November 26, 2024)

IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. IBM X-Force ID: 111890.

0

Attacker Value

Unknown

CVE-2016-0367

Disclosure Date: February 21, 2018 (last updated November 26, 2024)

IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. IBM X-Force ID: 112072.

0

Attacker Value

Unknown

CVE-2016-0336

Disclosure Date: January 12, 2018 (last updated November 26, 2024)

Cross-site scripting (XSS) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 111737.

0

Attacker Value

Unknown

CVE-2016-0335

Disclosure Date: January 12, 2018 (last updated November 26, 2024)

Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. IBM X-Force ID: 111736.

0

Attacker Value

Unknown

CVE-2016-0324

Disclosure Date: January 12, 2018 (last updated November 26, 2024)

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to execute arbitrary code with administrator privileges via unspecified vectors. IBM X-Force ID: 111640.

0

Attacker Value

Unknown

CVE-2016-0327

Disclosure Date: January 12, 2018 (last updated November 26, 2024)

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows local users to gain administrator privileges via unspecified vectors. IBM X-Force ID: 111643.

0

Attacker Value

Unknown

CVE-2016-0332

Disclosure Date: January 12, 2018 (last updated November 26, 2024)

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. IBM X-Force ID: 111695.

0

Attacker Value

Unknown

CVE-2016-9739

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM Security Identity Manager Virtual Appliance stores user credentials in plain in clear text which can be read by a local user.

0

Attacker Value

Unknown

CVE-2016-9703

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM Security Identity Manager Virtual Appliance does not invalidate session tokens which could allow an unauthorized user with physical access to the work station to obtain sensitive information.

0

Attacker Value

Unknown

CVE-2016-9704

Disclosure Date: February 01, 2017 (last updated November 25, 2024)

IBM Security Identity Manager Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

0