Lucene search
HistoryDec 24, 2014 - 11:59 a.m.
CVE-2014-6181
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0.001
Percentile
45.4%
IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 does not perform access-control checks for contained objects, which allows remote authenticated users to obtain sensitive information via unspecified vectors.
Affected configurations
Node
ibmwebsphere_service_registry_and_repositoryMatch7.0.0
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.1
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.2
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.3
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_service_registry_and_repository | 7.0.0 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0.1 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.1:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0.2 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.2:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0.3 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.3:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0.4 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.4:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2014-6181
2014-12-24 11:00:00
cve
cve
CVE-2014-6181
2014-12-24 11:59:08
prion
prion
Design/Logic Flaw
2014-12-24 11:59:00
nessus
nessus
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
AI Score
5.6
Confidence
Low
EPSS
0.001
Percentile
45.4%
Related for NVD:CVE-2014-6181