Ibm: >> Tivoli Identity Manager >> 5.0.0.6 Security Vulnerabilities
Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.
CVSS Score
6.0
EPSS Score
0.001
Published
2014-06-08
Multiple session fixation vulnerabilities in IBM Tivoli Identity Manager (ITIM) 5.0.0.6 allow remote attackers to hijack web sessions via unspecified vectors involving the (1) console and (2) self service interfaces.
CVSS Score
6.8
EPSS Score
0.01
Published
2009-07-23