Lucene search
IbmCVE-2014-6087HistoryDec 18, 2014 - 4:59 p.m.
CVE-2014-6087
2014-12-1816:59:08
CWE-310
ibm
web.nvd.nist.gov
26
ibm
security
access manager
mobile
web
vulnerability
cve-2014-6087
ssl
cipher suite
network sniffing
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.002
Percentile
59.7%
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak algorithm in an SSL cipher suite.
Affected configurations
Node
ibmsecurity_access_manager_for_webMatch7.0
ORibmsecurity_access_manager_for_webMatch8.0
Node
ibmsecurity_access_manager_for_mobileMatch8.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | security_access_manager_for_web | 7.0 | cpe:2.3:a:ibm:security_access_manager_for_web:7.0:*:*:*:*:*:*:* |
| ibm | security_access_manager_for_web | 8.0 | cpe:2.3:a:ibm:security_access_manager_for_web:8.0:*:*:*:*:*:*:* |
| ibm | security_access_manager_for_mobile | 8.0 | cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2014-12-18 16:59:00
nvd
nvd
CVE-2014-6087
2014-12-18 16:59:08
cvelist
cvelist
CVE-2014-6087
2014-12-18 16:00:00
ibm
ibm
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.2
Confidence
Low
EPSS
0.002
Percentile
59.7%
Related for CVE-2014-6087