Ibm: >> Tivoli Secureway Policy Director Security Vulnerabilities
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
CVSS Score
7.5
EPSS Score
0.008
Published
2004-12-31
WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.
CVSS Score
5.0
EPSS Score
0.006
Published
2001-12-11
Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings.
CVSS Score
5.0
EPSS Score
0.028
Published
2001-07-23