Ibm: >> Security Access Manager 9.0 Firmware >> 9.0.3.0 Security Vulnerabilities
IBM Security Access Manager Appliance 9.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 128372.
CVSS Score
8.8
EPSS Score
0.052
Published
2017-11-13
IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 128612.
CVSS Score
8.1
EPSS Score
0.006
Published
2017-11-13