IBM Security Access Manager 6.1, 7.0, 8.0, and 9.0 e-community configurations may be affected by a redirect vulnerability. ECSSO Master Authentication can redirect to a server not participating in an e-community domain. IBM X-Force ID: 128687.
A web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a Redirect. This simplifies phishing attacks.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.10 | 6.1.0.10 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.17 | 6.1.0.17 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.12 | 6.1.0.12 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.9 | 6.1.0.9 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.8 | 6.1.0.8 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.19 | 6.1.0.19 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.21 | 6.1.0.21 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.11 | 6.1.0.11 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.14 | 6.1.0.14 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.13 | 6.1.0.13 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.20 | 6.1.0.20 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.22 | 6.1.0.22 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.5 | 6.1.0.5 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.23 | 6.1.0.23 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.27 | 6.1.0.27 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.2 | 6.1.0.2 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.6 | 6.1.0.6 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.3 | 6.1.0.3 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.16 | 6.1.0.16 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0 | 6.1.0 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.26 | 6.1.0.26 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.15 | 6.1.0.15 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.7 | 6.1.0.7 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.29 | 6.1.0.29 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.18 | 6.1.0.18 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.24 | 6.1.0.24 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.25 | 6.1.0.25 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.31 | 6.1.0.31 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.30 | 6.1.0.30 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.4 | 6.1.0.4 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.28 | 6.1.0.28 |
Tivoli_access_manager_for_e-business | Ibm | 6.1.0.1 | 6.1.0.1 |