PT-2016-3653 · Ibm · Ibm Security Access Manager For Web
Chris Shepherd
+5
·
Publicado
2016-02-15
·
Atualizado
2016-03-10
·
CVE-2015-5010
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Security Access Manager for Web versions 7.0 through 7.0.0 IF20
IBM Security Access Manager for Web versions 8.0 through 8.0.1.3 IF3
IBM Security Access Manager for Web versions 9.0 through 9.0.0.0
Description
The issue is related to the lack of a lockout mechanism for invalid login attempts, making it easier for remote attackers to obtain access via a brute-force attack.
Recommendations
For versions 7.0 through 7.0.0 IF20, update to 7.0.0 IF21 or later.
For versions 8.0 through 8.0.1.3 IF3, update to 8.0.1.3 IF4 or later.
For versions 9.0 through 9.0.0.0, update to 9.0.0.1 IF1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Security Access Manager For Web