Description

IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 128606.

Remediation

References

CVE-2017-1474

Related Vulnerabilities

Contao Improper Privilege Management Vulnerability (CVE-2021-37627)

WordPress Plugin Vospari Forms Cross-Site Scripting (1.3)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-1460)

Oracle Database Server CVE-2018-3004 Vulnerability (CVE-2018-3004)

WordPress Plugin Advanced Custom Fields (ACF) Security Bypass (5.9.9)

Severity

Medium

Classification

CVE-2017-1474 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities