cbcvebase.
CVE-2016-3025
published 2016-11-25

CVE-2016-3025: IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict failed login…

high8.1CVSS 3.0
AVNACHPRNUINSUCHIHAH
IBM Security Access Manager for Mobile 8.x before 8.0.1.4 IF3 and Security Access Manager 9.x before 9.0.1.0 IF5 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.

Affected

13 ranges
VendorProductVersion rangeFixed in
ibmsecurity_access_manager
ibmsecurity_access_manager
ibmsecurity_access_manager
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile
ibmsecurity_access_manager_for_mobile