Description

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 152078.

Remediation

References

CVE-2018-1887

Related Vulnerabilities

WordPress Plugin Testimonial Multiple Vulnerabilities (2.2)

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43720)

WordPress Plugin iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0)

WordPress Plugin WP Widget Cache Cross-Site Scripting (0.26)

WordPress Plugin Event Calendar WD-Responsive Event Calendar Cross-Site Scripting (1.1.23)

Severity

High

Classification

CVE-2018-1887 CWE-798 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities