CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-1453

HIGH
8.8
CVSS Severity Score
EPSS Score0.1940%
EPSS Percentile24.05th
Published2018年6月8日
Last Modified2024年11月21日

Vulnerability Description

IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055.

Affected Platforms (CPE)

📦
Ibm

Security Identity Manager

= 7.0
📦
Ibm

Security Identity Manager

= 7.0.1

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=swg22013617
🔗 http://www.securitytracker.com/id/1041383
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/140055
🔗 http://www.ibm.com/support/docview.wss?uid=swg22013617
🔗 http://www.securitytracker.com/id/1041383
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/140055

関連する脆弱性情報

CVE-2020-202110.0

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option i...

CVE-2016-59649.8

IBM Security Privileged Identity Manager Virtual Appliance version 2.0.2 uses an inadequate account lockout setting that could all...

CVE-2019-46759.8

IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for it...

CVE-2016-03329.8

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restric...