Authentication Bypass Vulnerability in IBM Security Access Manager for Mobile and Web
CVE-2014-3053

Currently unrated

Key Information:

Vendor: IBM
Status: Security Access Manager For Web 8.0 Firmware; Security Access Manager For Web Appliance
Vendor: CVE Published:; 21 June 2014

Summary

The Local Management Interface (LMI) in IBM Security Access Manager for Mobile and Web allows attackers to bypass authentication by exploiting a flaw in the login mechanism. This vulnerability enables unauthorized access using invalid credentials, potentially compromising sensitive information and system integrity.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/93501

vdb-entryx_refsource_XF

http://secunia.com/advisories/59381

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557

vendor-advisoryx_refsource_AIXAPAR

Timeline

Vulnerability published
Jun 21, 2014
Vulnerability Reserved
Apr 29, 2014