Security access manager
This hub aggregates every CVE we track for Security access manager, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.
57
CVEs tracked
3
Critical
14
High
0
In CISA KEV
Severity distribution
MEDIUM36HIGH14LOW4CRITICAL3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Security access manager.
- CVE-2024-35139IBM Security Access Manager Docker information disclosure6.2
- CVE-2024-35137IBM Security Access Manager Docker information disclosure6.2
- CVE-2023-38370IBM Security Access Manager Docker information disclosure7.5
- CVE-2023-38368IBM Security Access Manager Docker information disclosure5.5
- CVE-2023-30997IBM Security Access Manager Docker privilege escalation7.8
- CVE-2023-30998IBM Security Access Manager Docker privilege escalation7.8
- CVE-2023-38371IBM Security Access Manager Docker information disclosure5.9
- CVE-2021-20439IBM Security Access Manager 9.0 and IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by an unauthorized user.7.5
- CVE-2020-4499IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applica...9.8
- CVE-2019-4552IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted...6.1
- CVE-2020-4699IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the ...5.3
- CVE-2020-4661IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the ...5.3
- CVE-2020-4660IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the ...5.3
- CVE-2019-4725IBM Security Access Manager Appliance 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended function...6.1
- CVE-2020-4461IBM Security Access Manager Appliance 9.0.7.1 could allow an authenticated user to bypass security by allowing id_token claims manipulation without verification. IBM X-Force ID: 181481.6.5
Product normalization is registry-driven with AI assist and human review. How it works