Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The LTPA STS module support implementation in IBM Tivoli Federated Identity Manager (TFIM) 6.2.0 before 6.2.0.9 and Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0 before 6.2.0.9 relies on a static instance of a Java Development Kit (JDK) class, which might allow attackers to bypass LTPA token signature verification by leveraging lack of thread safety.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Tivoli Federated Identity Manager和Tivoli Federated Identity Manager Business Gateway安全绕过漏洞
Vulnerability Description
IBM Tivoli Federated Identity Manager(TFIM)是美国IBM公司的一款跨企业的联邦身份管理产品。该产品向使用多种应用程序的用户提供Web和联合单点登录功能(SSO)。 IBM Tivoli Federated Identity Manager (TFIM) 6.2.0.9之前的6.2.0版本以及Tivoli Federated Identity Manager Business Gateway (TFIMBG) 6.2.0.9之前的6.2.0版本中的LTPA STS模
CVSS Information
N/A
Vulnerability Type
N/A