Release date:
Updated on:
Affected Systems:
IBM Tivoli Identity Manager 6.x
IBM Tivoli Federated Identity Manager Business Gateway 6.x
Description:
--------------------------------------------------------------------------------
Cve id: CVE-2010-4476
Tivoli Federated Identity Manager is a new member of the Tivoli security family. It is known for its cross-enterprise federal Identity management and is part of the IBM Identity Integration Plan.
Multiple security vulnerabilities exist in IBM Tivoli Federated Identity Manager and IBM Tivoli Federated Identity Manager Business Gateway. Remote attackers can exploit these vulnerabilities to cause denial of service and other impacts.
1) the application is bound with an affected version of IBM Java;
2) Two unknown details errors exist in the console.
3) unknown details of errors occurred during running.
<* Source: vendor
Link: http://www.ibm.com/support/docview.wss? Uid = swg24029497
Http://www.ibm.com/support/docview.wss? Uid = swg24029498
Http://www-01.ibm.com/software/tivoli/products/federated-identity-mgr/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
IBM
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.ers.ibm.com/