The default account lockout setting in IBM Security Access Manager for Web could allow a remote attacker to use brute force to discover account credentials.
CVE(s): CVE-2016-3025
Affected product(s) and affected version(s):
IBM Security Access Manager for Web 7.0 appliances
IBM Security Access Manager for Web 8.0, all firmware versions
IBM Security Access Manager 9.0, all firmware versions
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2cwoQC0
X-Force Database: http://ift.tt/2dm9JkD
from IBM Product Security Incident Response Team http://ift.tt/2cwpNKB