Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Ibm Subscribe
Filtered by product Tivoli Access Manager For E-business
Total 9 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-0513 1 Ibm 1 Tivoli Access Manager For E-business 2018-10-19 5.0 MEDIUM N/A
Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
CVE-2017-1489 1 Ibm 6 Security Access Manager, Security Access Manager For Mobile, Security Access Manager For Web and 3 more 2017-09-09 5.8 MEDIUM 6.1 MEDIUM
IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
CVE-2010-4120 1 Ibm 1 Tivoli Access Manager For E-business 2017-08-16 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.
CVE-2010-4622 1 Ibm 2 Aix, Tivoli Access Manager For E-business 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI.
CVE-2010-4623 1 Ibm 1 Tivoli Access Manager For E-business 2017-08-16 4.0 MEDIUM N/A
WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.
CVE-2011-0494 1 Ibm 1 Tivoli Access Manager For E-business 2017-08-16 5.0 MEDIUM N/A
Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622.
CVE-2010-0311 2 Ibm, Sun 4 Tivoli Access Manager For E-business, Java System Access Manager, Java System Identity Server and 1 more 2017-08-16 6.8 MEDIUM N/A
Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Sun Java System Access Manager, OpenSSO Enterprise 8.0, or IBM Tivoli Access Manager is used, allows remote attackers to obtain administrative access via unknown vectors.
CVE-2008-5257 1 Ibm 1 Tivoli Access Manager For E-business 2017-08-07 4.3 MEDIUM N/A
webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan.
CVE-2004-2558 1 Ibm 6 Tivoli Access Manager For E-business, Tivoli Access Manager Identity Manager Solution, Tivoli Configuration Manager and 3 more 2017-07-10 7.5 HIGH N/A
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."