Description

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 150017.

Remediation

References

CVE-2018-1813

Related Vulnerabilities

PHP Other Vulnerability (CVE-2005-3883)

Joomla! Core 3.3.x Denial of Service (3.3.0 - 3.3.4)

MediaWiki CVE-2023-29139 Vulnerability (CVE-2023-29139)

IBM WebSEAL Inadequate Encryption Strength Vulnerability (CVE-2019-4151)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2935)

Severity

Medium

Classification

CVE-2018-1813 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities