Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Security Solution

IBM WebSEAL

IBM Security Access Manager is a complete authorization and network security policy management solution. It provides end-to-end protection of resources over geographically dispersed intranets and extranets. In addition to state-of-the-art security policy management IBM Security Access Manager provides authentication authorization data security and centralized resource management capabilities.

Official Site:

https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.1/com.ibm.isam.doc/wrp_config/concept/con_overview.html

Severity Summary:

Critical: 3 High: 12 Medium: 30 Low: 3
Reference
Title
Severity
CVE-2018-1722
IBM WebSEAL Vulnerability
Critical
CVE-2016-3028
IBM WebSEAL Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) Vulnerability
Critical
CVE-2020-4499
IBM WebSEAL Missing Authorization Vulnerability
Critical
CVE-2023-38371
IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability
High
CVE-2019-4135
IBM WebSEAL Vulnerability
High
CVE-2019-4707
IBM WebSEAL Improper Restriction of XML External Entity Reference Vulnerability
High
CVE-2018-1850
IBM WebSEAL Vulnerability
High
CVE-2018-1814
IBM WebSEAL Inadequate Encryption Strength Vulnerability
High
CVE-2018-1887
IBM WebSEAL Use of Hard-coded Credentials Vulnerability
High
CVE-2016-3025
IBM WebSEAL 7PK - Security Features Vulnerability
High
CVE-2019-4145
IBM WebSEAL Vulnerability
High
CVE-2021-20439
IBM WebSEAL Insufficiently Protected Credentials Vulnerability
High
CVE-2019-4036
IBM WebSEAL Improper Input Validation Vulnerability
High
CVE-2023-30997
IBM WebSEAL Other Vulnerability
High
CVE-2023-30998
IBM WebSEAL Other Vulnerability
High
CVE-2016-3018
IBM WebSEAL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-38368
IBM WebSEAL Incorrect Authorization Vulnerability
Medium
CVE-2020-4699
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability
Medium
CVE-2020-4660
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability
Medium
CVE-2020-4661
IBM WebSEAL Observable Differences in Behavior to Error Inputs Vulnerability
Medium
CVE-2023-38370
IBM WebSEAL Incorrect Default Permissions Vulnerability
Medium
CVE-2019-4552
IBM WebSEAL Other Vulnerability
Medium
CVE-2024-35137
IBM WebSEAL Weak Password Requirements Vulnerability
Medium
CVE-2020-4461
IBM WebSEAL Improper Input Validation Vulnerability
Medium
CVE-2017-1489
IBM WebSEAL URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2024-35139
IBM WebSEAL Incorrect Default Permissions Vulnerability
Medium
CVE-2021-20496
IBM WebSEAL Improper Input Validation Vulnerability
Medium
CVE-2019-4725
IBM WebSEAL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1443
IBM WebSEAL Improper Authentication Vulnerability
Medium
CVE-2017-1474
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium