This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.
An access and authorization control management system, installed on
the remote host is affected by multiple vulnerabilities.
According to its self-reported version, the install of the IBM Tivoli
Access Manager for e-Business WebSEAL component is affected by the
following vulnerabilities :
- An input validation error exists that could allow
directory traversal attacks having an unspecified
impact. (CVE-2010-4622, CVE-2011-0494)
- An error exists related to 'shift-reload' actions that
could allow an authenticated attacker to cause denial
of service conditions. Note that only the 6.1.1.x
branch is affected by this issue. (CVE-2010-4623)
See also :
Apply the interim fix 220.127.116.11-TIV-AWS-IF0040 / 18.104.22.168-TIV-AWS-IF0026
/ 22.214.171.124-TIV-AWS-IF0006 or later. Or apply the fixpack
6.1.1-TIV-AWS-FP0001 or later.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true
Nessus Plugin ID: 70139 ()
Bugtraq ID: 455824566545836
CVE ID: CVE-2010-4622CVE-2010-4623CVE-2011-0494
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.