IBM » Tivoli Federated Identity Manager : Security Vulnerabilities, CVEs, CVSS score >= 6
IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in encrypted session (SSL) cookie. IBM X-Force ID: 125731.
Max CVSS
7.5
EPSS Score
0.14%
Published
2017-06-08
Updated
2017-07-08
Cross-site scripting (XSS) vulnerability in IBM Tivoli Federated Identity Manager (TFIM) 6.2.2 before FP16 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Max CVSS
6.1
EPSS Score
0.17%
Published
2016-01-18
Updated
2016-12-07
Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors, aka APAR IV03050.
Max CVSS
10.0
EPSS Score
0.34%
Published
2011-08-12
Updated
2017-08-29
Unspecified vulnerability in the Management Console in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors, aka APAR IV03048.
Max CVSS
10.0
EPSS Score
0.17%
Published
2011-08-12
Updated
2012-04-25
Unspecified vulnerability in the Runtime in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.30%
Published
2011-08-12
Updated
2017-08-29
IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.2, when configured as an OpenID relying party, does not perform the expected login rejection upon receiving an OP-Identifier from an OpenID provider, which allows remote attackers to bypass authentication via unspecified vectors.
Max CVSS
6.8
EPSS Score
0.33%
Published
2011-08-12
Updated
2011-08-12
6 vulnerabilities found