IBM Security Identity Manager 6.0/7.0 Credentials credentials management

A vulnerability, which was classified as problematic, was found in IBM Security Identity Manager 6.0/7.0 (Access Management Software). Affected is an unknown code block. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	11/19/2019 03:15 PM	01/14/2021 12:38 PM	01/14/2021 12:43 PM
cvss2_nvd_av	L	L	L
cvss2_nvd_ac	L	L	L
cvss2_nvd_au	N	N	N
cvss2_nvd_ci	P	P	P
cvss2_nvd_ii	N	N	N
cvss2_nvd_ai	N	N	N
cvss3_meta_basescore	5.5	5.5	5.5
cvss3_meta_tempscore	5.5	5.5	5.5
cvss3_vuldb_basescore	3.3	3.3	3.3
cvss3_vuldb_tempscore	3.3	3.3	3.3
cvss3_vuldb_av	L	L	L
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	L	L	L
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	L	L	L
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	N	N	N
cvss3_nvd_av	L	L	L
cvss3_nvd_ac	L	L	L
cvss3_nvd_pr	L	L	L
cvss3_nvd_ui	N	N	N
cvss3_nvd_s	U	U	U
cvss3_nvd_c	H	H	H
cvss3_nvd_i	H	H	H
cvss3_nvd_a	H	H	H
titleword	Credentials	Credentials	Credentials
date	1506297600 (09/25/2017)	1506297600 (09/25/2017)	1506297600 (09/25/2017)
url	http://www.ibm.com/support/docview.wss?uid=swg22007381	http://www.ibm.com/support/docview.wss?uid=swg22007381	http://www.ibm.com/support/docview.wss?uid=swg22007381
price_0day	$0-$5k	$5k-$25k	$5k-$25k
price_trend	+	+	+
cve	CVE-2017-1362	CVE-2017-1362	CVE-2017-1362
cve_assigned	1480464000	1480464000	1480464000
cve_nvd_published	1506297600	1506297600	1506297600
cve_nvd_summary	IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.	IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.	IBM Security Identity Manager Adapters 6.0 and 7.0 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 126801.
securityfocus	100965	100965	100965
securityfocus_title	IBM Security Identity Adapter CVE-2017-1362 Local Information Disclosure Vulnerability	IBM Security Identity Adapter CVE-2017-1362 Local Information Disclosure Vulnerability	IBM Security Identity Adapter CVE-2017-1362 Local Information Disclosure Vulnerability
location	Website	Website	Website
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	ND	ND	ND
cvss2_vuldb_rc	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	X	X	X
cvss3_vuldb_rc	X	X	X
0day_days	4	4	4
cvss3_nvd_basescore	7.8	7.8	7.8
type	Access Management Software	Access Management Software	Access Management Software
vendor	IBM	IBM	IBM
name	Security Identity Manager	Security Identity Manager	Security Identity Manager
version	6.0/7.0	6.0/7.0	6.0/7.0
cwe	255 (privilege escalation)	255 (privilege escalation)	255 (privilege escalation)
risk	1	1	1
historic	0	0	0
cvss2_vuldb_basescore	1.5	1.5	1.5
cvss2_vuldb_tempscore	1.5	1.5	1.5
cvss2_vuldb_av	L	L	L
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	S	S	S
cvss2_vuldb_ci	P	P	P
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	N	N	N
person_nickname	ryan	ryan	ryan
confirm_url	http://www.ibm.com/support/docview.wss?uid=swg22007381	http://www.ibm.com/support/docview.wss?uid=swg22007381	http://www.ibm.com/support/docview.wss?uid=swg22007381
securityfocus_date	1505952000 (09/21/2017)	1505952000 (09/21/2017)	1505952000 (09/21/2017)
securityfocus_class	Design Error	Design Error	Design Error
discoverydate	1505952000	1505952000	1505952000
xforce		126801	126801
cvss2_nvd_basescore		2.1	2.1
person_name			Ron Craig/Warren Moynihan/Jonathan Fitz-Gerald/John Zuccato/Rodney Ryan/Chris Shepherd/Dmitriy Beryoza.

◂ Previous Overview Next ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!