← volver
CVE-2018-1443

CVE-2018-1443

CVSS 5.9 MEDIUMEPSS 0.4%
An XML parsing vulnerability affects IBM SAML-based single sign-on (SSO) systems (IBM Security Access Manager 9.0.0 - 9.0.4 and IBM Tivoli Federated Identity Manager 6.2 - 6.0.2.) This vulnerability can allow an attacker with authenticated access to trick SAML systems into authenticating as a different user without knowledge of the victim users password. IBM X-Force ID: 139754.
CVSS:3.0/A:L/AC:L/AV:L/C:L/I:L/PR:N/S:U/UI:N
Productos afectados
IBM · Security Access ManagerIBM · Tivoli Federated Identity Manager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://exchange.xforce.ibmcloud.com/vulnerabilities/139754http://www.ibm.com/support/docview.wss?uid=swg22014160http://www.ibm.com/support/docview.wss?uid=swg22014161http://www.securityfocus.com/bid/103365http://www.securitytracker.com/id/1040454http://www.securitytracker.com/id/1040455