CVE Vulnerabilities

CVE-2016-3017

Improperly Implemented Security Check for Standard

Published: Feb 01, 2017 | Modified: Oct 27, 2020
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations.

Weakness

The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.

Affected Software

Name Vendor Start Version End Version
Security_access_manager_9.0_firmware Ibm 9.0.0 (including) 9.0.0 (including)
Security_access_manager_9.0_firmware Ibm 9.0.0.1 (including) 9.0.0.1 (including)
Security_access_manager_9.0_firmware Ibm 9.0.1.0 (including) 9.0.1.0 (including)
Security_access_manager_for_mobile_8.0_firmware Ibm 8.0.0.1 (including) 8.0.0.1 (including)
Security_access_manager_for_mobile_8.0_firmware Ibm 8.0.0.2 (including) 8.0.0.2 (including)
Security_access_manager_for_mobile_8.0_firmware Ibm 8.0.0.3 (including) 8.0.0.3 (including)
Security_access_manager_for_mobile_8.0_firmware Ibm 8.0.0.5 (including) 8.0.0.5 (including)
Security_access_manager_for_mobile_8.0_firmware Ibm 8.0.1.0 (including) 8.0.1.0 (including)
Security_access_manager_for_mobile_8.0_firmware Ibm 8.0.1.2 (including) 8.0.1.2 (including)
Security_access_manager_for_mobile_8.0_firmware Ibm 8.0.1.3 (including) 8.0.1.3 (including)
Security_access_manager_for_mobile_8.0_firmware Ibm 8.0.1.4 (including) 8.0.1.4 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.1 (including) 7.0.0.1 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.2 (including) 7.0.0.2 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.3 (including) 7.0.0.3 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.4 (including) 7.0.0.4 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.5 (including) 7.0.0.5 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.6 (including) 7.0.0.6 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.7 (including) 7.0.0.7 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.8 (including) 7.0.0.8 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.9 (including) 7.0.0.9 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.10 (including) 7.0.0.10 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.11 (including) 7.0.0.11 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.12 (including) 7.0.0.12 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.13 (including) 7.0.0.13 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.14 (including) 7.0.0.14 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.15 (including) 7.0.0.15 (including)
Security_access_manager_for_web_7.0_firmware Ibm 7.0.0.16 (including) 7.0.0.16 (including)
Security_access_manager_for_web_8.0_firmware Ibm 8.0.0.1 (including) 8.0.0.1 (including)
Security_access_manager_for_web_8.0_firmware Ibm 8.0.0.2 (including) 8.0.0.2 (including)
Security_access_manager_for_web_8.0_firmware Ibm 8.0.0.3 (including) 8.0.0.3 (including)
Security_access_manager_for_web_8.0_firmware Ibm 8.0.0.5 (including) 8.0.0.5 (including)
Security_access_manager_for_web_8.0_firmware Ibm 8.0.1.0 (including) 8.0.1.0 (including)
Security_access_manager_for_web_8.0_firmware Ibm 8.0.1.2 (including) 8.0.1.2 (including)
Security_access_manager_for_web_8.0_firmware Ibm 8.0.1.3 (including) 8.0.1.3 (including)
Security_access_manager_for_web_8.0_firmware Ibm 8.0.1.4 (including) 8.0.1.4 (including)

References