Unauthorized Administration Operations in IBM Security Access Manager Appliance
CVE-2018-1850
8.8HIGH
Key Information:
- Vendor
- IBM
- Vendor
- CVE Published:
- 22 October 2018
Summary
The IBM Security Access Manager Appliance versions 9.0.3.1, 9.0.4.0, and 9.0.5.0 have a vulnerability that may permit unauthorized users to perform administrative operations when Advanced Access Control services are enabled. This flaw could lead to potential security breaches if not addressed, allowing individuals without proper permissions access to sensitive administrative functionalities.
Affected Version(s)
Security Access Manager Appliance 9.0.3.1
Security Access Manager Appliance 9.0.4.0
Security Access Manager Appliance 9.0.5.0
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved