Input Validation Flaw in IBM Security Access Manager Appliance
CVE-2018-1813

4.3MEDIUM

Key Information:

Vendor
IBM
Status
Security Access Manager Appliance
Vendor
CVE Published:
13 December 2018

Summary

The IBM Security Access Manager Appliance suffers from an input validation flaw that results from incomplete blacklisting. This vulnerability enables attackers to bypass critical application controls, potentially leading to unauthorized access and manipulation of system data. As a consequence, the integrity of the system and its data can be significantly compromised. Administrators are advised to review the product versions and apply necessary security measures to mitigate this risk.

Affected Version(s)

Security Access Manager Appliance 9.0.1.0

Security Access Manager Appliance 9.0.2.0

Security Access Manager Appliance 9.0.3.0

References

http://www.ibm.com/support/docview.wss?uid=ibm10787785
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/150017
vdb-entryx_refsource_XF

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.