CVE-2018-1722

3 documents3 sources
Severity
10.0CRITICAL
EPSS
27.5%
top 3.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Security Access Manager ApplianceIBM Security Access Manager
Timeline
PublishedAug 24
Latest updateMay 13

Description

IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages2 packages

CVEListV5ibm/security_access_manager_appliance9.0.4.0, 9.0.5.0+1
NVDibm/security_access_manager9.0.4.0, 9.0.5.0+1

🔴Vulnerability Details

2
GHSA
GHSA-f43w-q673-4p3p: IBM Security Access Manager Appliance 92022-05-13
CVEList
CVE-2018-1722: IBM Security Access Manager Appliance 92018-08-24
CVE-2018-1722 (CRITICAL CVSS 10) | IBM Security Access Manager Applian | cvebase.io