Search

Find a vulnerability

Search criteria

    16 vulnerabilities found for tivoli_access_manager_for_e-business by ibm

    CVE-2017-1489 (GCVE-0-2017-1489)

    Vulnerability from nvd – Published: 2017-08-28 20:00 – Updated: 2024-09-16 23:31
    VLAI
    Summary
    IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
    Severity
    No CVSS data available.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Security Access Manager for Web Affected: 6.1
    Affected: 6.1.1
    Affected: 7.0
    Affected: 8.0
    Affected: 8.0.0.2
    Affected: 8.0.0.3
    Affected: 8.0.0.4
    Affected: 8.0.0.5
    Affected: 8.0.0.1
    Affected: 8.0.1
    Affected: 8.0.1.2
    Affected: 8.0.1.3
    Affected: 9.0
    Affected: 9.0.0.1
    Affected: 9.0.1
    Affected: 8.0.1.4
    Affected: 8.0.1.5
    Affected: 9.0.2
    Affected: 9.0.2.1
    Affected: 9.0.3
    Create a notification for this product.
    Date Public
    2017-08-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:32:29.832Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
              },
              {
                "name": "100592",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/100592"
              },
              {
                "name": "1039227",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1039227"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Security Access Manager for Web",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.1"
                },
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "8.0"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.2"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.3"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.4"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.1"
                },
                {
                  "status": "affected",
                  "version": "8.0.1"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.2"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.3"
                },
                {
                  "status": "affected",
                  "version": "9.0"
                },
                {
                  "status": "affected",
                  "version": "9.0.0.1"
                },
                {
                  "status": "affected",
                  "version": "9.0.1"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.4"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.5"
                },
                {
                  "status": "affected",
                  "version": "9.0.2"
                },
                {
                  "status": "affected",
                  "version": "9.0.2.1"
                },
                {
                  "status": "affected",
                  "version": "9.0.3"
                }
              ]
            }
          ],
          "datePublic": "2017-08-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-05T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
            },
            {
              "name": "100592",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/100592"
            },
            {
              "name": "1039227",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1039227"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-08-23T00:00:00",
              "ID": "CVE-2017-1489",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Security Access Manager for Web",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.1"
                              },
                              {
                                "version_value": "6.1.1"
                              },
                              {
                                "version_value": "7.0"
                              },
                              {
                                "version_value": "8.0"
                              },
                              {
                                "version_value": "8.0.0.2"
                              },
                              {
                                "version_value": "8.0.0.3"
                              },
                              {
                                "version_value": "8.0.0.4"
                              },
                              {
                                "version_value": "8.0.0.5"
                              },
                              {
                                "version_value": "8.0.0.1"
                              },
                              {
                                "version_value": "8.0.1"
                              },
                              {
                                "version_value": "8.0.1.2"
                              },
                              {
                                "version_value": "8.0.1.3"
                              },
                              {
                                "version_value": "9.0"
                              },
                              {
                                "version_value": "9.0.0.1"
                              },
                              {
                                "version_value": "9.0.1"
                              },
                              {
                                "version_value": "8.0.1.4"
                              },
                              {
                                "version_value": "8.0.1.5"
                              },
                              {
                                "version_value": "9.0.2"
                              },
                              {
                                "version_value": "9.0.2.1"
                              },
                              {
                                "version_value": "9.0.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
                },
                {
                  "name": "100592",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/100592"
                },
                {
                  "name": "1039227",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1039227"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22006959",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1489",
        "datePublished": "2017-08-28T20:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:31:41.216Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0494 (GCVE-0-2011-0494)

    Vulnerability from nvd – Published: 2011-01-19 11:00 – Updated: 2024-08-06 21:58
    VLAI
    Summary
    Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T21:58:24.526Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
              },
              {
                "name": "42955",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42955"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
              },
              {
                "name": "45836",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45836"
              },
              {
                "name": "IZ87470",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
              },
              {
                "name": "IZ91620",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
              },
              {
                "name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
              },
              {
                "name": "IZ91619",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
              },
              {
                "name": "IZ87328",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
              },
              {
                "name": "ADV-2011-0138",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0138"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors.  NOTE: this might overlap CVE-2010-4622."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
            },
            {
              "name": "42955",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42955"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
            },
            {
              "name": "45836",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45836"
            },
            {
              "name": "IZ87470",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
            },
            {
              "name": "IZ91620",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
            },
            {
              "name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
            },
            {
              "name": "IZ91619",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
            },
            {
              "name": "IZ87328",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
            },
            {
              "name": "ADV-2011-0138",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0138"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-0494",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors.  NOTE: this might overlap CVE-2010-4622."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
                },
                {
                  "name": "42955",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42955"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
                },
                {
                  "name": "45836",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45836"
                },
                {
                  "name": "IZ87470",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
                },
                {
                  "name": "IZ91620",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
                },
                {
                  "name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
                },
                {
                  "name": "IZ91619",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
                },
                {
                  "name": "IZ87328",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
                },
                {
                  "name": "ADV-2011-0138",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0138"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-0494",
        "datePublished": "2011-01-19T11:00:00.000Z",
        "dateReserved": "2011-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T21:58:24.526Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4623 (GCVE-0-2010-4623)

    Vulnerability from nvd – Published: 2010-12-30 18:00 – Updated: 2024-08-07 03:51
    VLAI
    Summary
    WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:51:17.851Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
              },
              {
                "name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
              },
              {
                "name": "45665",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45665"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
            },
            {
              "name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
            },
            {
              "name": "45665",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45665"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4623",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
                },
                {
                  "name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
                },
                {
                  "name": "45665",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45665"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4623",
        "datePublished": "2010-12-30T18:00:00.000Z",
        "dateReserved": "2010-12-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:51:17.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4622 (GCVE-0-2010-4622)

    Vulnerability from nvd – Published: 2010-12-30 18:00 – Updated: 2024-08-07 03:51
    VLAI
    Summary
    Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2010/3329 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/45582 vdb-entryx_refsource_BID
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://securitytracker.com/id?1024927 vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/70158 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/42727 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2010-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:51:17.813Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-3329",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/3329"
              },
              {
                "name": "45582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
              },
              {
                "name": "1024927",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1024927"
              },
              {
                "name": "70158",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/70158"
              },
              {
                "name": "42727",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42727"
              },
              {
                "name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-3329",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/3329"
            },
            {
              "name": "45582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
            },
            {
              "name": "1024927",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1024927"
            },
            {
              "name": "70158",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/70158"
            },
            {
              "name": "42727",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42727"
            },
            {
              "name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4622",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-3329",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/3329"
                },
                {
                  "name": "45582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45582"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
                },
                {
                  "name": "1024927",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1024927"
                },
                {
                  "name": "70158",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/70158"
                },
                {
                  "name": "42727",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42727"
                },
                {
                  "name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4622",
        "datePublished": "2010-12-30T18:00:00.000Z",
        "dateReserved": "2010-12-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:51:17.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4120 (GCVE-0-2010-4120)

    Vulnerability from nvd – Published: 2010-10-28 20:00 – Updated: 2024-08-07 03:34
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/68892 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68891 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68885 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2010/2774 vdb-entryx_refsource_VUPEN
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    http://osvdb.org/68890 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68884 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68893 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/44382 vdb-entryx_refsource_BID
    http://osvdb.org/68886 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1024633 vdb-entryx_refsource_SECTRACK
    http://osvdb.org/68889 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68888 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68894 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68887 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/41974 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:34:37.796Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "68892",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68892"
              },
              {
                "name": "68891",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68891"
              },
              {
                "name": "68885",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68885"
              },
              {
                "name": "ADV-2010-2774",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2774"
              },
              {
                "name": "IZ84918",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
              },
              {
                "name": "68890",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68890"
              },
              {
                "name": "68884",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68884"
              },
              {
                "name": "68893",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68893"
              },
              {
                "name": "tivoli-ebusiness-parm1-xss(62750)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
              },
              {
                "name": "44382",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/44382"
              },
              {
                "name": "68886",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68886"
              },
              {
                "name": "1024633",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1024633"
              },
              {
                "name": "68889",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68889"
              },
              {
                "name": "68888",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68888"
              },
              {
                "name": "68894",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68894"
              },
              {
                "name": "68887",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68887"
              },
              {
                "name": "41974",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41974"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "68892",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68892"
            },
            {
              "name": "68891",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68891"
            },
            {
              "name": "68885",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68885"
            },
            {
              "name": "ADV-2010-2774",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2774"
            },
            {
              "name": "IZ84918",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
            },
            {
              "name": "68890",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68890"
            },
            {
              "name": "68884",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68884"
            },
            {
              "name": "68893",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68893"
            },
            {
              "name": "tivoli-ebusiness-parm1-xss(62750)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
            },
            {
              "name": "44382",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/44382"
            },
            {
              "name": "68886",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68886"
            },
            {
              "name": "1024633",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1024633"
            },
            {
              "name": "68889",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68889"
            },
            {
              "name": "68888",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68888"
            },
            {
              "name": "68894",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68894"
            },
            {
              "name": "68887",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68887"
            },
            {
              "name": "41974",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41974"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4120",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "68892",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68892"
                },
                {
                  "name": "68891",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68891"
                },
                {
                  "name": "68885",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68885"
                },
                {
                  "name": "ADV-2010-2774",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2774"
                },
                {
                  "name": "IZ84918",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
                },
                {
                  "name": "68890",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68890"
                },
                {
                  "name": "68884",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68884"
                },
                {
                  "name": "68893",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68893"
                },
                {
                  "name": "tivoli-ebusiness-parm1-xss(62750)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
                },
                {
                  "name": "44382",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/44382"
                },
                {
                  "name": "68886",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68886"
                },
                {
                  "name": "1024633",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1024633"
                },
                {
                  "name": "68889",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68889"
                },
                {
                  "name": "68888",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68888"
                },
                {
                  "name": "68894",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68894"
                },
                {
                  "name": "68887",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68887"
                },
                {
                  "name": "41974",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41974"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4120",
        "datePublished": "2010-10-28T20:00:00.000Z",
        "dateReserved": "2010-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:34:37.796Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5257 (GCVE-0-2008-5257)

    Vulnerability from nvd – Published: 2008-11-27 00:00 – Updated: 2024-08-07 10:49
    VLAI
    Summary
    webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/32755 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/32461 vdb-entryx_refsource_BID
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    Date Public
    2008-11-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:49:11.977Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "32755",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32755"
              },
              {
                "name": "tivoli-ebusiness-webseal-dos(46821)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
              },
              {
                "name": "32461",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/32461"
              },
              {
                "name": "IZ28611",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
              },
              {
                "name": "IZ37270",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-11-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "32755",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32755"
            },
            {
              "name": "tivoli-ebusiness-webseal-dos(46821)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
            },
            {
              "name": "32461",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/32461"
            },
            {
              "name": "IZ28611",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
            },
            {
              "name": "IZ37270",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5257",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "32755",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32755"
                },
                {
                  "name": "tivoli-ebusiness-webseal-dos(46821)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
                },
                {
                  "name": "32461",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/32461"
                },
                {
                  "name": "IZ28611",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
                },
                {
                  "name": "IZ37270",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5257",
        "datePublished": "2008-11-27T00:00:00.000Z",
        "dateReserved": "2008-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:49:11.977Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0513 (GCVE-0-2006-0513)

    Vulnerability from nvd – Published: 2006-02-06 23:00 – Updated: 2024-08-07 16:41
    VLAI
    Summary
    Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www-1.ibm.com/support/docview.wss?uid=swg2… vendor-advisoryx_refsource_AIXAPAR
    http://www.vupen.com/english/advisories/2006/0442 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015582 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/423946/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/412 third-party-advisoryx_refsource_SREASON
    http://www.vsecurity.com/bulletins/advisories/200… x_refsource_MISC
    http://secunia.com/advisories/18725 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/16494 vdb-entryx_refsource_BID
    Date Public
    2006-02-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:41:27.677Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
              },
              {
                "name": "IY79724",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
              },
              {
                "name": "ADV-2006-0442",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0442"
              },
              {
                "name": "1015582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015582"
              },
              {
                "name": "tivoli-pkmslogout-directory-traversal(24485)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
              },
              {
                "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
              },
              {
                "name": "412",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/412"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
              },
              {
                "name": "18725",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18725"
              },
              {
                "name": "16494",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16494"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-02-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
            },
            {
              "name": "IY79724",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
            },
            {
              "name": "ADV-2006-0442",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0442"
            },
            {
              "name": "1015582",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015582"
            },
            {
              "name": "tivoli-pkmslogout-directory-traversal(24485)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
            },
            {
              "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
            },
            {
              "name": "412",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/412"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
            },
            {
              "name": "18725",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18725"
            },
            {
              "name": "16494",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16494"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0513",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
                },
                {
                  "name": "IY79724",
                  "refsource": "AIXAPAR",
                  "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
                },
                {
                  "name": "ADV-2006-0442",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0442"
                },
                {
                  "name": "1015582",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015582"
                },
                {
                  "name": "tivoli-pkmslogout-directory-traversal(24485)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
                },
                {
                  "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
                },
                {
                  "name": "412",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/412"
                },
                {
                  "name": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt",
                  "refsource": "MISC",
                  "url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
                },
                {
                  "name": "18725",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18725"
                },
                {
                  "name": "16494",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16494"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0513",
        "datePublished": "2006-02-06T23:00:00.000Z",
        "dateReserved": "2006-02-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:41:27.677Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2558 (GCVE-0-2004-2558)

    Vulnerability from nvd – Published: 2005-11-21 11:00 – Updated: 2024-08-08 01:29
    VLAI
    Summary
    Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/10449 vdb-entryx_refsource_BID
    http://www-1.ibm.com/support/docview.wss?uid=swg2… x_refsource_CONFIRM
    http://secunia.com/advisories/11761 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-05-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:29:13.944Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "10449",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10449"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
              },
              {
                "name": "11761",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11761"
              },
              {
                "name": "ibm-cookie-session-hijack(16315)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-05-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka \"Potential Credential Impersonation Attack.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "10449",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10449"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
            },
            {
              "name": "11761",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11761"
            },
            {
              "name": "ibm-cookie-session-hijack(16315)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2558",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka \"Potential Credential Impersonation Attack.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "10449",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10449"
                },
                {
                  "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762",
                  "refsource": "CONFIRM",
                  "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
                },
                {
                  "name": "11761",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11761"
                },
                {
                  "name": "ibm-cookie-session-hijack(16315)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2558",
        "datePublished": "2005-11-21T11:00:00.000Z",
        "dateReserved": "2005-11-21T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:29:13.944Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-1489 (GCVE-0-2017-1489)

    Vulnerability from cvelistv5 – Published: 2017-08-28 20:00 – Updated: 2024-09-16 23:31
    VLAI
    Summary
    IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
    Severity
    No CVSS data available.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Security Access Manager for Web Affected: 6.1
    Affected: 6.1.1
    Affected: 7.0
    Affected: 8.0
    Affected: 8.0.0.2
    Affected: 8.0.0.3
    Affected: 8.0.0.4
    Affected: 8.0.0.5
    Affected: 8.0.0.1
    Affected: 8.0.1
    Affected: 8.0.1.2
    Affected: 8.0.1.3
    Affected: 9.0
    Affected: 9.0.0.1
    Affected: 9.0.1
    Affected: 8.0.1.4
    Affected: 8.0.1.5
    Affected: 9.0.2
    Affected: 9.0.2.1
    Affected: 9.0.3
    Create a notification for this product.
    Date Public
    2017-08-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T13:32:29.832Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
              },
              {
                "name": "100592",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/100592"
              },
              {
                "name": "1039227",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1039227"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Security Access Manager for Web",
              "vendor": "IBM",
              "versions": [
                {
                  "status": "affected",
                  "version": "6.1"
                },
                {
                  "status": "affected",
                  "version": "6.1.1"
                },
                {
                  "status": "affected",
                  "version": "7.0"
                },
                {
                  "status": "affected",
                  "version": "8.0"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.2"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.3"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.4"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.5"
                },
                {
                  "status": "affected",
                  "version": "8.0.0.1"
                },
                {
                  "status": "affected",
                  "version": "8.0.1"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.2"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.3"
                },
                {
                  "status": "affected",
                  "version": "9.0"
                },
                {
                  "status": "affected",
                  "version": "9.0.0.1"
                },
                {
                  "status": "affected",
                  "version": "9.0.1"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.4"
                },
                {
                  "status": "affected",
                  "version": "8.0.1.5"
                },
                {
                  "status": "affected",
                  "version": "9.0.2"
                },
                {
                  "status": "affected",
                  "version": "9.0.2.1"
                },
                {
                  "status": "affected",
                  "version": "9.0.3"
                }
              ]
            }
          ],
          "datePublic": "2017-08-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-05T09:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
            },
            {
              "name": "100592",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/100592"
            },
            {
              "name": "1039227",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1039227"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "DATE_PUBLIC": "2017-08-23T00:00:00",
              "ID": "CVE-2017-1489",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Security Access Manager for Web",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "6.1"
                              },
                              {
                                "version_value": "6.1.1"
                              },
                              {
                                "version_value": "7.0"
                              },
                              {
                                "version_value": "8.0"
                              },
                              {
                                "version_value": "8.0.0.2"
                              },
                              {
                                "version_value": "8.0.0.3"
                              },
                              {
                                "version_value": "8.0.0.4"
                              },
                              {
                                "version_value": "8.0.0.5"
                              },
                              {
                                "version_value": "8.0.0.1"
                              },
                              {
                                "version_value": "8.0.1"
                              },
                              {
                                "version_value": "8.0.1.2"
                              },
                              {
                                "version_value": "8.0.1.3"
                              },
                              {
                                "version_value": "9.0"
                              },
                              {
                                "version_value": "9.0.0.1"
                              },
                              {
                                "version_value": "9.0.1"
                              },
                              {
                                "version_value": "8.0.1.4"
                              },
                              {
                                "version_value": "8.0.1.5"
                              },
                              {
                                "version_value": "9.0.2"
                              },
                              {
                                "version_value": "9.0.2.1"
                              },
                              {
                                "version_value": "9.0.3"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687",
                  "refsource": "MISC",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/128687"
                },
                {
                  "name": "100592",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/100592"
                },
                {
                  "name": "1039227",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1039227"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg22006959",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg22006959"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2017-1489",
        "datePublished": "2017-08-28T20:00:00.000Z",
        "dateReserved": "2016-11-30T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:31:41.216Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0494 (GCVE-0-2011-0494)

    Vulnerability from cvelistv5 – Published: 2011-01-19 11:00 – Updated: 2024-08-06 21:58
    VLAI
    Summary
    Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors. NOTE: this might overlap CVE-2010-4622.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2011-01-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T21:58:24.526Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
              },
              {
                "name": "42955",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42955"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
              },
              {
                "name": "45836",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45836"
              },
              {
                "name": "IZ87470",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
              },
              {
                "name": "IZ91620",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
              },
              {
                "name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
              },
              {
                "name": "IZ91619",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
              },
              {
                "name": "IZ87328",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
              },
              {
                "name": "ADV-2011-0138",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2011/0138"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-01-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors.  NOTE: this might overlap CVE-2010-4622."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
            },
            {
              "name": "42955",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42955"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
            },
            {
              "name": "45836",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45836"
            },
            {
              "name": "IZ87470",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
            },
            {
              "name": "IZ91620",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
            },
            {
              "name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
            },
            {
              "name": "IZ91619",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
            },
            {
              "name": "IZ87328",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
            },
            {
              "name": "ADV-2011-0138",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2011/0138"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-0494",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 5.1 before 5.1.0.39-TIV-AWS-IF0040, 6.0 before 6.0.0.25-TIV-AWS-IF0026, 6.1.0 before 6.1.0.5-TIV-AWS-IF0006, and 6.1.1 before 6.1.1-TIV-AWS-FP0001 has unspecified impact and attack vectors.  NOTE: this might overlap CVE-2010-4622."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028861"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
                },
                {
                  "name": "42955",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42955"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24025790"
                },
                {
                  "name": "45836",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45836"
                },
                {
                  "name": "IZ87470",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87470"
                },
                {
                  "name": "IZ91620",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91620"
                },
                {
                  "name": "tivoli-ebusiness-webseal-directory-traversal(64737)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64737"
                },
                {
                  "name": "IZ91619",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ91619"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028860"
                },
                {
                  "name": "IZ87328",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ87328"
                },
                {
                  "name": "ADV-2011-0138",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2011/0138"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21459999"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-0494",
        "datePublished": "2011-01-19T11:00:00.000Z",
        "dateReserved": "2011-01-18T00:00:00.000Z",
        "dateUpdated": "2024-08-06T21:58:24.526Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4623 (GCVE-0-2010-4623)

    Vulnerability from cvelistv5 – Published: 2010-12-30 18:00 – Updated: 2024-08-07 03:51
    VLAI
    Summary
    WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2010-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:51:17.851Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
              },
              {
                "name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
              },
              {
                "name": "45665",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45665"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
            },
            {
              "name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
            },
            {
              "name": "45665",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45665"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4623",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote authenticated users to cause a denial of service (worker thread consumption) via shift-reload actions."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
                },
                {
                  "name": "ibm-tivoli-ebusiness-webseal-dos(64471)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64471"
                },
                {
                  "name": "45665",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45665"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4623",
        "datePublished": "2010-12-30T18:00:00.000Z",
        "dateReserved": "2010-12-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:51:17.851Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4622 (GCVE-0-2010-4622)

    Vulnerability from cvelistv5 – Published: 2010-12-30 18:00 – Updated: 2024-08-07 03:51
    VLAI
    Summary
    Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.vupen.com/english/advisories/2010/3329 vdb-entryx_refsource_VUPEN
    http://www.securityfocus.com/bid/45582 vdb-entryx_refsource_BID
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://securitytracker.com/id?1024927 vdb-entryx_refsource_SECTRACK
    http://www.osvdb.org/70158 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/42727 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2010-12-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:51:17.813Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2010-3329",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/3329"
              },
              {
                "name": "45582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/45582"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
              },
              {
                "name": "1024927",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1024927"
              },
              {
                "name": "70158",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/70158"
              },
              {
                "name": "42727",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/42727"
              },
              {
                "name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-12-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "ADV-2010-3329",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/3329"
            },
            {
              "name": "45582",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/45582"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
            },
            {
              "name": "1024927",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1024927"
            },
            {
              "name": "70158",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/70158"
            },
            {
              "name": "42727",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/42727"
            },
            {
              "name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4622",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 on AIX allows remote attackers to read arbitrary files via a %uff0e%uff0e (encoded dot dot) in a URI."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2010-3329",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/3329"
                },
                {
                  "name": "45582",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/45582"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24028829"
                },
                {
                  "name": "1024927",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1024927"
                },
                {
                  "name": "70158",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/70158"
                },
                {
                  "name": "42727",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/42727"
                },
                {
                  "name": "tivoli-ebusiness-unspecified-dir-traversal(64306)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64306"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4622",
        "datePublished": "2010-12-30T18:00:00.000Z",
        "dateReserved": "2010-12-30T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:51:17.813Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2010-4120 (GCVE-0-2010-4120)

    Vulnerability from cvelistv5 – Published: 2010-10-28 20:00 – Updated: 2024-08-07 03:34
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://osvdb.org/68892 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68891 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68885 vdb-entryx_refsource_OSVDB
    http://www.vupen.com/english/advisories/2010/2774 vdb-entryx_refsource_VUPEN
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    http://osvdb.org/68890 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68884 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68893 vdb-entryx_refsource_OSVDB
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/44382 vdb-entryx_refsource_BID
    http://osvdb.org/68886 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1024633 vdb-entryx_refsource_SECTRACK
    http://osvdb.org/68889 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68888 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68894 vdb-entryx_refsource_OSVDB
    http://osvdb.org/68887 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/41974 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2010-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T03:34:37.796Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "68892",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68892"
              },
              {
                "name": "68891",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68891"
              },
              {
                "name": "68885",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68885"
              },
              {
                "name": "ADV-2010-2774",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2010/2774"
              },
              {
                "name": "IZ84918",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
              },
              {
                "name": "68890",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68890"
              },
              {
                "name": "68884",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68884"
              },
              {
                "name": "68893",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68893"
              },
              {
                "name": "tivoli-ebusiness-parm1-xss(62750)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
              },
              {
                "name": "44382",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/44382"
              },
              {
                "name": "68886",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68886"
              },
              {
                "name": "1024633",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1024633"
              },
              {
                "name": "68889",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68889"
              },
              {
                "name": "68888",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68888"
              },
              {
                "name": "68894",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68894"
              },
              {
                "name": "68887",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/68887"
              },
              {
                "name": "41974",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/41974"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2010-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "68892",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68892"
            },
            {
              "name": "68891",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68891"
            },
            {
              "name": "68885",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68885"
            },
            {
              "name": "ADV-2010-2774",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2010/2774"
            },
            {
              "name": "IZ84918",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
            },
            {
              "name": "68890",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68890"
            },
            {
              "name": "68884",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68884"
            },
            {
              "name": "68893",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68893"
            },
            {
              "name": "tivoli-ebusiness-parm1-xss(62750)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
            },
            {
              "name": "44382",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/44382"
            },
            {
              "name": "68886",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68886"
            },
            {
              "name": "1024633",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1024633"
            },
            {
              "name": "68889",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68889"
            },
            {
              "name": "68888",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68888"
            },
            {
              "name": "68894",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68894"
            },
            {
              "name": "68887",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/68887"
            },
            {
              "name": "41974",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/41974"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2010-4120",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager for e-business 6.1.0 before 6.1.0-TIV-TAM-FP0006 allow remote attackers to inject arbitrary web script or HTML via (1) the parm1 parameter to ivt/ivtserver, or the method parameter to (2) acl, (3) domain, (4) group, (5) gso, (6) gsogroup, (7) os, (8) pop, (9) rule, (10) user, or (11) webseal in ibm/wpm/."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "68892",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68892"
                },
                {
                  "name": "68891",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68891"
                },
                {
                  "name": "68885",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68885"
                },
                {
                  "name": "ADV-2010-2774",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2010/2774"
                },
                {
                  "name": "IZ84918",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ84918"
                },
                {
                  "name": "68890",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68890"
                },
                {
                  "name": "68884",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68884"
                },
                {
                  "name": "68893",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68893"
                },
                {
                  "name": "tivoli-ebusiness-parm1-xss(62750)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/62750"
                },
                {
                  "name": "44382",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/44382"
                },
                {
                  "name": "68886",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68886"
                },
                {
                  "name": "1024633",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1024633"
                },
                {
                  "name": "68889",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68889"
                },
                {
                  "name": "68888",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68888"
                },
                {
                  "name": "68894",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68894"
                },
                {
                  "name": "68887",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/68887"
                },
                {
                  "name": "41974",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/41974"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2010-4120",
        "datePublished": "2010-10-28T20:00:00.000Z",
        "dateReserved": "2010-10-28T00:00:00.000Z",
        "dateUpdated": "2024-08-07T03:34:37.796Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-5257 (GCVE-0-2008-5257)

    Vulnerability from cvelistv5 – Published: 2008-11-27 00:00 – Updated: 2024-08-07 10:49
    VLAI
    Summary
    webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/32755 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/bid/32461 vdb-entryx_refsource_BID
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    Date Public
    2008-11-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T10:49:11.977Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "32755",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32755"
              },
              {
                "name": "tivoli-ebusiness-webseal-dos(46821)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
              },
              {
                "name": "32461",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/32461"
              },
              {
                "name": "IZ28611",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
              },
              {
                "name": "IZ37270",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-11-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-07T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "32755",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32755"
            },
            {
              "name": "tivoli-ebusiness-webseal-dos(46821)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
            },
            {
              "name": "32461",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/32461"
            },
            {
              "name": "IZ28611",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
            },
            {
              "name": "IZ37270",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-5257",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "webseald in WebSEAL 6.0.0.17 in IBM Tivoli Access Manager for e-business allows remote attackers to cause a denial of service (crash or hang) via HTTP requests, as demonstrated by a McAfee vulnerability scan."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "32755",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/32755"
                },
                {
                  "name": "tivoli-ebusiness-webseal-dos(46821)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46821"
                },
                {
                  "name": "32461",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/32461"
                },
                {
                  "name": "IZ28611",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ28611"
                },
                {
                  "name": "IZ37270",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37270"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-5257",
        "datePublished": "2008-11-27T00:00:00.000Z",
        "dateReserved": "2008-11-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T10:49:11.977Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-0513 (GCVE-0-2006-0513)

    Vulnerability from cvelistv5 – Published: 2006-02-06 23:00 – Updated: 2024-08-07 16:41
    VLAI
    Summary
    Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www-1.ibm.com/support/docview.wss?uid=swg2… vendor-advisoryx_refsource_AIXAPAR
    http://www.vupen.com/english/advisories/2006/0442 vdb-entryx_refsource_VUPEN
    http://securitytracker.com/id?1015582 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.securityfocus.com/archive/1/423946/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/412 third-party-advisoryx_refsource_SREASON
    http://www.vsecurity.com/bulletins/advisories/200… x_refsource_MISC
    http://secunia.com/advisories/18725 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/16494 vdb-entryx_refsource_BID
    Date Public
    2006-02-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T16:41:27.677Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
              },
              {
                "name": "IY79724",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
              },
              {
                "name": "ADV-2006-0442",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/0442"
              },
              {
                "name": "1015582",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1015582"
              },
              {
                "name": "tivoli-pkmslogout-directory-traversal(24485)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
              },
              {
                "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
              },
              {
                "name": "412",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/412"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
              },
              {
                "name": "18725",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/18725"
              },
              {
                "name": "16494",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/16494"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-02-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-19T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
            },
            {
              "name": "IY79724",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
            },
            {
              "name": "ADV-2006-0442",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/0442"
            },
            {
              "name": "1015582",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1015582"
            },
            {
              "name": "tivoli-pkmslogout-directory-traversal(24485)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
            },
            {
              "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
            },
            {
              "name": "412",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/412"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
            },
            {
              "name": "18725",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/18725"
            },
            {
              "name": "16494",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/16494"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-0513",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in pkmslogout in Tivoli Web Server Plug-in 5.1.0.10 in Tivoli Access Manager (TAM) 5.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041930.html"
                },
                {
                  "name": "IY79724",
                  "refsource": "AIXAPAR",
                  "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24011562"
                },
                {
                  "name": "ADV-2006-0442",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/0442"
                },
                {
                  "name": "1015582",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1015582"
                },
                {
                  "name": "tivoli-pkmslogout-directory-traversal(24485)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24485"
                },
                {
                  "name": "20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/423946/100/0/threaded"
                },
                {
                  "name": "412",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/412"
                },
                {
                  "name": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt",
                  "refsource": "MISC",
                  "url": "http://www.vsecurity.com/bulletins/advisories/2006/tam-file-retrieval.txt"
                },
                {
                  "name": "18725",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/18725"
                },
                {
                  "name": "16494",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/16494"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-0513",
        "datePublished": "2006-02-06T23:00:00.000Z",
        "dateReserved": "2006-02-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T16:41:27.677Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2558 (GCVE-0-2004-2558)

    Vulnerability from cvelistv5 – Published: 2005-11-21 11:00 – Updated: 2024-08-08 01:29
    VLAI
    Summary
    Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/10449 vdb-entryx_refsource_BID
    http://www-1.ibm.com/support/docview.wss?uid=swg2… x_refsource_CONFIRM
    http://secunia.com/advisories/11761 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-05-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:29:13.944Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "10449",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/10449"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
              },
              {
                "name": "11761",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/11761"
              },
              {
                "name": "ibm-cookie-session-hijack(16315)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-05-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka \"Potential Credential Impersonation Attack.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-10T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "10449",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/10449"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
            },
            {
              "name": "11761",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/11761"
            },
            {
              "name": "ibm-cookie-session-hijack(16315)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2558",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka \"Potential Credential Impersonation Attack.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "10449",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/10449"
                },
                {
                  "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762",
                  "refsource": "CONFIRM",
                  "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21168762"
                },
                {
                  "name": "11761",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/11761"
                },
                {
                  "name": "ibm-cookie-session-hijack(16315)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16315"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2558",
        "datePublished": "2005-11-21T11:00:00.000Z",
        "dateReserved": "2005-11-21T00:00:00.000Z",
        "dateUpdated": "2024-08-08T01:29:13.944Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }