Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2017-1534

IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 130676.

  • Published: Jan 10, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-1534
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:N

CWEs:

Software From Fixed in
ibm / security_access_manager_for_web_firmware 8.0.0 8.0.0.x
ibm / security_access_manager_for_web_firmware 8.0.0.1 8.0.0.1.x
ibm / security_access_manager_for_web_firmware 8.0.0.2 8.0.0.2.x
ibm / security_access_manager_for_web_firmware 8.0.0.3 8.0.0.3.x
ibm / security_access_manager_for_web_firmware 8.0.0.4 8.0.0.4.x
ibm / security_access_manager_for_web_firmware 8.0.0.5 8.0.0.5.x
ibm / security_access_manager_for_web_firmware 8.0.1 8.0.1.x
ibm / security_access_manager_for_web_firmware 8.0.1.2 8.0.1.2.x
ibm / security_access_manager_for_web_firmware 8.0.1.3 8.0.1.3.x
ibm / security_access_manager_for_web_firmware 8.0.1.4 8.0.1.4.x
ibm / security_access_manager_for_web_firmware 8.0.1.5 8.0.1.5.x
ibm / security_access_manager_for_web_firmware 8.0.1.6 8.0.1.6.x
ibm / security_access_manager_for_mobile 8.0.0 8.0.0.x
ibm / security_access_manager_for_mobile 8.0.0.1 8.0.0.1.x
ibm / security_access_manager_for_mobile 8.0.0.2 8.0.0.2.x
ibm / security_access_manager_for_mobile 8.0.0.3 8.0.0.3.x
ibm / security_access_manager_for_mobile 8.0.0.4 8.0.0.4.x
ibm / security_access_manager_for_mobile 8.0.0.5 8.0.0.5.x
ibm / security_access_manager_for_mobile 8.0.1 8.0.1.x
ibm / security_access_manager_for_mobile 8.0.1.2 8.0.1.2.x
ibm / security_access_manager_for_mobile 8.0.1.3 8.0.1.3.x
ibm / security_access_manager_for_mobile 8.0.1.4 8.0.1.4.x
ibm / security_access_manager_for_mobile 8.0.1.5 8.0.1.5.x
ibm / security_access_manager_for_mobile 8.0.1.6 8.0.1.6.x
ibm / security_access_manager_firmware 9.0.0 9.0.0.x
ibm / security_access_manager_firmware 9.0.0.1 9.0.0.1.x
ibm / security_access_manager_firmware 9.0.1.0 9.0.1.0.x
ibm / security_access_manager_firmware 9.0.2.0 9.0.2.0.x
ibm / security_access_manager_firmware 9.0.2.1 9.0.2.1.x
ibm / security_access_manager_firmware 9.0.3 9.0.3.x