Description

IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 128606.

Remediation

References

CVE-2017-1474

Related Vulnerabilities

WordPress Plugin Download Plugin Arbitrary Directory Download (1.0.1)

osTicket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-14012)

WordPress 4.7.x Multiple Vulnerabilities (4.7 - 4.7.11)

concrete5 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4724)

WordPress Plugin Sell Photo Cross-Site Scripting (1.0.5)

Severity

Medium

Classification

CVE-2017-1474 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities