Lucene search

IbmCVE-2014-3073

HistoryJun 21, 2014 - 3:55 p.m.

CVE-2014-3073

2014-06-2115:55:03

ibm

web.nvd.nist.gov

ibm

security

access manager

isam

mobile

web

vulnerability

cve-2014-3073

nvd

remote code execution

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.018

Percentile

88.2%

JSON

Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.

Affected configurations

Nvd

Node

ibmsecurity_access_manager_for_mobile_softwareMatch8.0

ibmsecurity_access_manager_for_web_softwareMatch7.0

ibmsecurity_access_manager_for_web_softwareMatch8.0

ibmsecurity_access_manager_for_mobile_applianceMatch8.0

ibmsecurity_access_manager_for_web_applianceMatch7.0

ibmsecurity_access_manager_for_web_applianceMatch8.0

VendorProductVersionCPE
ibmsecurity_access_manager_for_mobile_software8.0cpe:2.3:a:ibm:security_access_manager_for_mobile_software:8.0:*:*:*:*:*:*:*
ibmsecurity_access_manager_for_web_software7.0cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*
ibmsecurity_access_manager_for_web_software8.0cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*
ibmsecurity_access_manager_for_mobile_appliance8.0cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*
ibmsecurity_access_manager_for_web_appliance7.0cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*
ibmsecurity_access_manager_for_web_appliance8.0cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	security_access_manager_for_mobile_software	8.0	cpe:2.3:a:ibm:security_access_manager_for_mobile_software:8.0:::::::*
ibm	security_access_manager_for_web_software	7.0	cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:::::::*
ibm	security_access_manager_for_web_software	8.0	cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:::::::*
ibm	security_access_manager_for_mobile_appliance	8.0	cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:::::::*
ibm	security_access_manager_for_web_appliance	7.0	cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:::::::*
ibm	security_access_manager_for_web_appliance	8.0	cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:::::::*

References

secunia.com/advisories/59438

www-01.ibm.com/support/docview.wss?uid=swg1IV61563

www-01.ibm.com/support/docview.wss?uid=swg21676699

www.securityfocus.com/bid/68137

exchange.xforce.ibmcloud.com/vulnerabilities/93790

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.018

Percentile

88.2%

JSON

Related for CVE-2014-3073