IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378.
References
| Link | Resource |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/128378 | VDB Entry Vendor Advisory |
| http://www.ibm.com/support/docview.wss?uid=swg22012331 | Vendor Advisory |
| http://www.securitytracker.com/id/1040170 | Third Party Advisory VDB Entry |
Advertisement
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
|
Information
Published : 2018-01-10 09:29
Updated : 2020-10-27 04:37
NVD link : CVE-2017-1459
Mitre link : CVE-2017-1459
JSON object : View
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource
Advertisement
Products Affected
ibm
- security_access_manager_9.0_firmware
- security_access_manager_for_web_appliance
- security_access_manager_for_mobile
- security_access_manager_for_mobile_appliance
- security_access_manager_for_web_8.0_firmware