PT-2017-13705 · Ibm · Ibm Security Identity Manager Adapters

Chris Shepherd

Published

2017-09-27

Updated

2017-10-06

CVE-2017-1483

CVSS v3.1

8.6

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Name of the Vulnerable Software and Affected Versions IBM Security Identity Manager Adapters versions 6.0 through 7.0

Description The issue allows anonymous users to access protected areas due to a lack of authentication check for a critical resource or functionality.

Recommendations For IBM Security Identity Manager Adapters versions 6.0 through 7.0, consider implementing additional authentication checks to restrict access to protected areas until a patch is available. As a temporary workaround, restrict access to critical resources or functionalities to minimize the risk of exploitation.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2017-1483

Affected Products

Ibm Security Identity Manager Adapters

PT-2017-13705 · Ibm · Ibm Security Identity Manager Adapters

CVE-2017-1483

Weakness Enumeration

Related Identifiers

Affected Products

References · 5