IBM Security Identity Manager 6.0/7.0 Credentials credentials management

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, was found in IBM Security Identity Manager 6.0/7.0 (Access Management Software). Affected is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field11/19/2019 03:15 PM01/14/2021 12:38 PM01/14/2021 12:43 PM
cvss2_nvd_avLLL
cvss2_nvd_acLLL
cvss2_nvd_auNNN
cvss2_nvd_ciPPP
cvss2_nvd_iiNNN
cvss2_nvd_aiNNN
cvss3_meta_basescore5.55.55.5
cvss3_meta_tempscore5.55.55.5
cvss3_vuldb_basescore3.33.33.3
cvss3_vuldb_tempscore3.33.33.3
cvss3_vuldb_avLLL
cvss3_vuldb_acLLL
cvss3_vuldb_prLLL
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cLLL
cvss3_vuldb_iNNN
cvss3_vuldb_aNNN
cvss3_nvd_avLLL
cvss3_nvd_acLLL
cvss3_nvd_prLLL
cvss3_nvd_uiNNN
cvss3_nvd_sUUU
cvss3_nvd_cHHH
cvss3_nvd_iHHH
cvss3_nvd_aHHH
titlewordCredentialsCredentialsCredentials
date1506297600 (09/25/2017)1506297600 (09/25/2017)1506297600 (09/25/2017)
urlhttp://www.ibm.com/support/docview.wss?uid=swg22007381http://www.ibm.com/support/docview.wss?uid=swg22007381http://www.ibm.com/support/docview.wss?uid=swg22007381
price_0day$0-$5k$5k-$25k$5k-$25k
price_trend+++
cveCVE-2017-1362CVE-2017-1362CVE-2017-1362
cve_assigned148046400014804640001480464000
cve_nvd_published150629760015062976001506297600
cve_nvd_summaryIBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.
securityfocus100965100965100965
securityfocus_titleIBM Security Identity Adapter CVE-2017-1362 Local Information Disclosure VulnerabilityIBM Security Identity Adapter CVE-2017-1362 Local Information Disclosure VulnerabilityIBM Security Identity Adapter CVE-2017-1362 Local Information Disclosure Vulnerability
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
0day_days444
cvss3_nvd_basescore7.87.87.8
typeAccess Management SoftwareAccess Management SoftwareAccess Management Software
vendorIBMIBMIBM
nameSecurity Identity ManagerSecurity Identity ManagerSecurity Identity Manager
version6.0/7.06.0/7.06.0/7.0
cwe255 (privilege escalation)255 (privilege escalation)255 (privilege escalation)
risk111
historic000
cvss2_vuldb_basescore1.51.51.5
cvss2_vuldb_tempscore1.51.51.5
cvss2_vuldb_avLLL
cvss2_vuldb_acMMM
cvss2_vuldb_auSSS
cvss2_vuldb_ciPPP
cvss2_vuldb_iiNNN
cvss2_vuldb_aiNNN
person_nicknameryanryanryan
confirm_urlhttp://www.ibm.com/support/docview.wss?uid=swg22007381http://www.ibm.com/support/docview.wss?uid=swg22007381http://www.ibm.com/support/docview.wss?uid=swg22007381
securityfocus_date1505952000 (09/21/2017)1505952000 (09/21/2017)1505952000 (09/21/2017)
securityfocus_classDesign ErrorDesign ErrorDesign Error
discoverydate150595200015059520001505952000
xforce126801126801
cvss2_nvd_basescore2.12.1
person_nameRon Craig/Warren Moynihan/Jonathan Fitz-Gerald/John Zuccato/Rodney Ryan/Chris Shepherd/Dmitriy Beryoza.

Want to stay up to date on a daily basis?

Enable the mail alert feature now!