IBM » Security Access Manager For Web 8.0 Firmware : Security Vulnerabilities, CVEs, Published In 2017 (Information Leak)

CVE-2016-3043

IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
Max CVSS
5.9
EPSS Score
0.14%
Published
2017-02-01
Updated
2020-10-27

CVE-2016-3024

IBM Security Access Manager for Web allows web pages to be stored locally which can be read by another user on the system.
Max CVSS
4.0
EPSS Score
0.07%
Published
2017-02-01
Updated
2020-10-27

CVE-2016-3023

IBM Security Access Manager for Web could allow an unauthenticated user to gain access to sensitive information by entering invalid file names.
Max CVSS
5.3
EPSS Score
0.09%
Published
2017-02-01
Updated
2020-10-27

CVE-2016-3021

IBM Security Access Manager for Web could allow an authenticated attacker to obtain sensitive information from error message using a specially crafted HTTP request.
Max CVSS
4.0
EPSS Score
0.05%
Published
2017-02-01
Updated
2020-10-27
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close