Lucene search

IbmCVE-2014-6197

HistoryJan 17, 2015 - 11:59 a.m.

CVE-2014-6197

2015-01-1711:59:04

CWE-20

ibm

web.nvd.nist.gov

cve-2014-6197

ibm

security

network protection

clickjacking

nvd

fp5

fp1

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

8.9

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

IBM Security Network Protection 5.1.x and 5.2.x before 5.2.0.0 FP5 and 5.3.x before 5.3.0.0 FP1 allows remote attackers to conduct clickjacking attacks via unspecified vectors.

Affected configurations

Nvd

Node

ibmsecurity_network_protection_xgs_firmwareMatch5.1

ibmsecurity_network_protection_xgs_firmwareMatch5.1.1

ibmsecurity_network_protection_xgs_firmwareMatch5.1.2

ibmsecurity_network_protection_xgs_firmwareMatch5.1.2.1

ibmsecurity_network_protection_xgs_firmwareMatch5.2

ibmsecurity_network_protection_xgs_firmwareMatch5.3

AND

ibmsecurity_network_protection_xgs_3100Match-

ibmsecurity_network_protection_xgs_4100Match-

ibmsecurity_network_protection_xgs_5100Match-

ibmsecurity_network_protection_xgs_7100Match-

VendorProductVersionCPE
ibmsecurity_network_protection_xgs_firmware5.1cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.1:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_firmware5.1.1cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.1.1:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_firmware5.1.2cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.1.2:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_firmware5.1.2.1cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.1.2.1:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_firmware5.2cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.2:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_firmware5.3cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.3:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_3100-cpe:2.3:h:ibm:security_network_protection_xgs_3100:-:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_4100-cpe:2.3:h:ibm:security_network_protection_xgs_4100:-:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_5100-cpe:2.3:h:ibm:security_network_protection_xgs_5100:-:*:*:*:*:*:*:*
ibmsecurity_network_protection_xgs_7100-cpe:2.3:h:ibm:security_network_protection_xgs_7100:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	security_network_protection_xgs_firmware	5.1	cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.1:::::::*
ibm	security_network_protection_xgs_firmware	5.1.1	cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.1.1:::::::*
ibm	security_network_protection_xgs_firmware	5.1.2	cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.1.2:::::::*
ibm	security_network_protection_xgs_firmware	5.1.2.1	cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.1.2.1:::::::*
ibm	security_network_protection_xgs_firmware	5.2	cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.2:::::::*
ibm	security_network_protection_xgs_firmware	5.3	cpe:2.3:o:ibm:security_network_protection_xgs_firmware:5.3:::::::*
ibm	security_network_protection_xgs_3100	-	cpe:2.3:h:ibm:security_network_protection_xgs_3100:-:::::::*
ibm	security_network_protection_xgs_4100	-	cpe:2.3:h:ibm:security_network_protection_xgs_4100:-:::::::*
ibm	security_network_protection_xgs_5100	-	cpe:2.3:h:ibm:security_network_protection_xgs_5100:-:::::::*
ibm	security_network_protection_xgs_7100	-	cpe:2.3:h:ibm:security_network_protection_xgs_7100:-:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg21693542

exchange.xforce.ibmcloud.com/vulnerabilities/98609

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

8.9

Confidence

Low

EPSS

0.002

Percentile

54.9%

JSON

Related for CVE-2014-6197