Vulnerability Description
IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 128378.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Security Access Manager For Web 8.0 Firmware | All versions |
| Ibm | Security Access Manager For Web Appliance | 8.0 |
| Ibm | Security Access Manager For Mobile | All versions |
| Ibm | Security Access Manager For Mobile Appliance | 8.0 |
| Ibm | Security Access Manager 9.0 Firmware | All versions |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=swg22012331Vendor Advisory
- http://www.securitytracker.com/id/1040170Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/128378VDB EntryVendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg22012331Vendor Advisory
- http://www.securitytracker.com/id/1040170Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/128378VDB EntryVendor Advisory
FAQ
What is CVE-2017-1459?
CVE-2017-1459 is a vulnerability with a CVSS score of 4.2 (MEDIUM). IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force...
How severe is CVE-2017-1459?
CVE-2017-1459 has been rated MEDIUM with a CVSS base score of 4.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-1459?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Access Manager For Web 8.0 Firmware, Ibm Security Access Manager For Web Appliance, Ibm Security Access Manager For Mobile, Ibm Security Access Manager For Mobile Appliance, Ibm Security Access Manager 9.0 Firmware.