CVE-2014-3053Improper Authentication in IBM Security Access Manager FOR Mobile Appliance

CWE-287Improper Authentication3 documents3 sources
Severity
8.0HIGHNVD
EPSS
0.6%
top 31.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
IBM Security Access Manager FOR Mobile ApplianceIBM Security Access Manager FOR Mobile SoftwareIBM Security Access Manager FOR WEB 8.0 Firmware+2 more
Timeline
PublishedJun 21
Latest updateMay 17

Description

The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.

CVSS vector

AV:A/AC:L/C:C/I:P/A:CExploitability: 6.5 | Impact: 9.5

Affected Packages1 packages

NVDibm/security_access_manager4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-xqhf-qrgr-g45h: The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 82022-05-17
CVEList
CVE-2014-3053: The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 82014-06-21
CVE-2014-3053 — Improper Authentication in IBM | cvebase