{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T16:32:57.713","vulnerabilities":[{"cve":{"id":"CVE-2016-3020","sourceIdentifier":"psirt@us.ibm.com","published":"2017-02-07T16:59:00.150","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"IBM Security Access Manager for Web 7.0.0, 8.0.0, and 9.0.0 could allow a remote attacker to bypass security restrictions, caused by improper content validation. By persuading a victim to open specially-crafted content, an attacker could exploit this vulnerability to bypass validation and load a page with malicious content."},{"lang":"es","value":"IBM Security Access Manager para Web 7.0.0, 8.0.0 y 9.0.0 podría permitir a un atacante remoto eludir las restricciones de seguridad, causada por la validación del contenido indebido. Al persuadir a una víctima para abrir contenido especialmente manipulado, un atacante podría aprovechar esta vulnerabilidad para eludir la validación y cargar una página con contenido malicioso."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-284"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_7.0_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"5A5ACB34-BC23-4175-9F6A-91FB6762A040"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*","matchCriteriaId":"A7844D23-8DAB-4A9A-B0D4-734DF8FBFE02"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"35BD8955-4735-4FDC-906A-B404C4E36417"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*","matchCriteriaId":"1C5EBB4D-36F8-453C-9D2C-A63490144596"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_access_manager_for_mobile:*:*:*:*:*:*:*:*","matchCriteriaId":"6921A2CC-67D0-41B5-908B-F002C14AFD70"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*","matchCriteriaId":"506C4B29-BC71-4C56-BAB1-06E63BEB1DD3"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:ibm:security_access_manager_9.0_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"F5B95177-2AA3-45D4-895D-56CA35B32813"}]}]}],"references":[{"url":"http://www.ibm.com/support/docview.wss?uid=swg21996826","source":"psirt@us.ibm.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.ibm.com/support/docview.wss?uid=swg21996826","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}