Remote Code Execution Vulnerability in IBM Security Access Manager Appliance
CVE-2018-1722

10CRITICAL

Key Information:

Vendor

IBM
Status
Security Access Manager Appliance
Vendor
CVE Published:
24 August 2018

What is CVE-2018-1722?

The IBM Security Access Manager Appliance versions 9.0.4.0 and 9.0.5.0 are susceptible to a vulnerability that can lead to remote code execution when Advanced Access Control or Federation services are enabled. This flaw could allow an attacker to execute arbitrary code on the system, posing a significant threat to the security of the affected systems. Users are advised to apply the latest patches and adhere to security best practices to mitigate risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Security Access Manager Appliance 9.0.4.0

Security Access Manager Appliance 9.0.5.0

References

https://www.ibm.com/support/docview.wss?uid=ibm10719623
x_refsource_CONFIRM
http://www.securitytracker.com/id/1041557
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/105145
vdb-entryx_refsource_BID

EPSS Score

28% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.