Lucene search

K

IbmCVELIST:CVE-2014-0864

HistoryJul 07, 2014 - 10:00 a.m.

CVE-2014-0864

2014-07-0710:00:00

ibm

www.cve.org

3

AI Score

7

Confidence

Low

EPSS

0.004

Percentile

73.6%

Multiple cross-site request forgery (CSRF) vulnerabilities in Executer in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to hijack the authentication of arbitrary users for requests that change (1) a deal’s currency or (2) a limit via a crafted XML document.

References

packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html

seclists.org/fulldisclosure/2014/Jun/173

secunia.com/advisories/59296

www-01.ibm.com/support/docview.wss?uid=swg21675881

www.securityfocus.com/archive/1/532598/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/90938

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt

AI Score

7

Confidence

Low

EPSS

0.004

Percentile

73.6%

Related for CVELIST:CVE-2014-0864

nvd1 cve1 prion1 securityvulns2 seebug1 exploitdb1 packetstorm1 zdt1 ibm1 exploitpack1