Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Security Access Manager for Web 安全漏洞
Vulnerability Description
IBM Security Access Manager(ISAM)for Web(前称IBM Tivoli Access Manager for e-business)是美国IBM公司的一套用于用户认证、授权和Web单点登录解决方案中的产品,它提供用户访问管理和Web应用保护功能。 使用8.0.0.2和8.0.0.3版本固件的ISAM for Web 8.0中的reverse-proxy组件存在安全漏洞,该漏洞源于程序没有正确设置jct-nist-compliance配置参数。远程攻击者可通过弱的SSL加
CVSS Information
N/A
Vulnerability Type
N/A