IBM » Security Access Manager For Mobile : Security Vulnerabilities, CVEs, (Bypass)
IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to bypass validation and load a page with malicious content.
Max CVSS
5.5
EPSS Score
0.22%
Published
2017-02-07
Updated
2020-10-27
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.
Max CVSS
5.0
EPSS Score
0.33%
Published
2014-12-18
Updated
2017-09-08
2 vulnerabilities found