Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Security Solution

IBM WebSEAL

IBM Security Access Manager is a complete authorization and network security policy management solution. It provides end-to-end protection of resources over geographically dispersed intranets and extranets. In addition to state-of-the-art security policy management IBM Security Access Manager provides authentication authorization data security and centralized resource management capabilities.

Official Site:

https://www.ibm.com/support/knowledgecenter/SSPREK_9.0.1/com.ibm.isam.doc/wrp_config/concept/con_overview.html

Severity Summary:

Critical: 3 High: 12 Medium: 30 Low: 3
Reference
Title
Severity
CVE-2019-4158
IBM WebSEAL Missing Authorization Vulnerability
Medium
CVE-2019-4157
IBM WebSEAL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-4156
IBM WebSEAL Use of a Broken or Risky Cryptographic Algorithm Vulnerability
Medium
CVE-2019-4153
IBM WebSEAL URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2019-4152
IBM WebSEAL Session Fixation Vulnerability
Medium
CVE-2019-4151
IBM WebSEAL Inadequate Encryption Strength Vulnerability
Medium
CVE-2018-1886
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-1815
IBM WebSEAL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1813
IBM WebSEAL Vulnerability
Medium
CVE-2018-1805
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-1803
IBM WebSEAL Improper Restriction of Rendered UI Layers or Frames Vulnerability
Medium
CVE-2018-1740
IBM WebSEAL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1653
IBM WebSEAL Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-1476
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2017-1480
IBM WebSEAL Insertion of Sensitive Information into Log File Vulnerability
Medium
CVE-2019-4150
IBM WebSEAL Improper Certificate Validation Vulnerability
Low
CVE-2018-1804
IBM WebSEAL Session Fixation Vulnerability
Low
CVE-2016-3045
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Low