Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to read log files by leveraging helpdesk privileges for a direct request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security Access Manager for Enterprise Single Sign-On 权限许可和访问控制漏洞
Vulnerability Description
IBM Security Access Manager for Enterprise Single Sign-On(ISAM ESSO)是美国IBM公司的一套可提供单点登录的身份和访问管理软件。该软件可简化密码管理、使用强大的身份验证来保护信息,并帮助保护自助交易终端(kiosks)和共享的工作站。 ISAM ESSO 8.2版本中的IMS服务器Ifix 6之前的版本中存在安全漏洞。远程攻击者可借助‘helpdesk’权限发送直接请求利用该漏洞读取日志文件。
CVSS Information
N/A
Vulnerability Type
N/A