Lucene search

IbmCVE-2014-4756

HistorySep 10, 2014 - 10:55 a.m.

CVE-2014-4756

2014-09-1010:55:07

ibm

web.nvd.nist.gov

ibm

rational license key server

rlks

session hijacking

vulnerability

cve-2014-4756

nvd

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

52.0%

JSON

The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x before 8.1.4.4 allows remote authenticated users to hijack sessions via unspecified vectors.

Affected configurations

Nvd

Node

ibmrational_license_key_serverMatch8.1.4

ibmrational_license_key_serverMatch8.1.4.2

ibmrational_license_key_serverMatch8.1.4.3

VendorProductVersionCPE
ibmrational_license_key_server8.1.4cpe:2.3:a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:*
ibmrational_license_key_server8.1.4.2cpe:2.3:a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:*
ibmrational_license_key_server8.1.4.3cpe:2.3:a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	rational_license_key_server	8.1.4	cpe:2.3:a:ibm:rational_license_key_server:8.1.4:::::::*
ibm	rational_license_key_server	8.1.4.2	cpe:2.3:a:ibm:rational_license_key_server:8.1.4.2:::::::*
ibm	rational_license_key_server	8.1.4.3	cpe:2.3:a:ibm:rational_license_key_server:8.1.4.3:::::::*

References

secunia.com/advisories/60709

www-01.ibm.com/support/docview.wss?uid=swg21681449

www-01.ibm.com/support/docview.wss?uid=swg24038045

www.securityfocus.com/bid/69645

exchange.xforce.ibmcloud.com/vulnerabilities/94444

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

52.0%

JSON

Related for CVE-2014-4756