CVE-2018-1850

CWE-693CWE-20Improper Input Validation5 documents4 sources
Severity
7.5HIGH
EPSS
0.4%
top 37.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Security Access Manager ApplianceIBM Security Access Manager
Timeline
PublishedOct 22
Latest updateMay 13

Description

IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/security_access_manager_appliance9.0.3.1, 9.0.4.0, 9.0.5.0+2
NVDibm/security_access_manager9.0.3.1, 9.0.4.0, 9.0.5.0+2

🔴Vulnerability Details

2
GHSA
GHSA-6fgj-x4hm-55cq: IBM Security Access Manager Appliance 92022-05-13
CVEList
CVE-2018-1850: IBM Security Access Manager Appliance 92018-10-22

📋Vendor Advisories

2
Cisco
Cisco Aironet Access Points Central Web Authentication FlexConnect Client ACL Bypass Vulnerability2018-05-02
Cisco
Cisco Aironet 1810, 1830, and 1850 Series Access Points Point-to-Point Tunneling Protocol Denial of Service Vulnerability2018-05-02
CVE-2018-1850 (HIGH CVSS 7.5) | IBM Security Access Manager Applian | cvebase.io