Brute-force Vulnerability in IBM Security Access Manager Products
CVE-2014-6078

Currently unrated

Key Information:

Vendor

IBM
Status
Security Access Manager For Mobile
Vendor
CVE Published:
18 December 2014

What is CVE-2014-6078?

IBM Security Access Manager for Mobile and Web software products are susceptible to brute-force attacks due to insufficient security measures, such as a lack of account lockout mechanisms after repeated invalid login attempts. This weakness can potentially allow remote attackers to gain unauthorized administrative access, thus compromising the security of sensitive data and systems.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21684475
x_refsource_CONFIRM
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
vendor-advisoryx_refsource_AIXAPAR
https://exchange.xforce.ibmcloud.com/vulnerabilities/95762
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.