Lucene search
HistoryDec 24, 2014 - 11:59 a.m.
CVE-2014-6186
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
6
Confidence
Low
EPSS
0.002
Percentile
54.2%
IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.1 allows remote authenticated users to bypass intended object-access restrictions via the datagraph.
Affected configurations
Node
ibmwebsphere_service_registry_and_repositoryMatch6.3.0
ORibmwebsphere_service_registry_and_repositoryMatch6.3.0.1
ORibmwebsphere_service_registry_and_repositoryMatch6.3.0.2
ORibmwebsphere_service_registry_and_repositoryMatch6.3.0.3
ORibmwebsphere_service_registry_and_repositoryMatch6.3.0.4
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.1
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.2
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.3
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.4
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.5
ORibmwebsphere_service_registry_and_repositoryMatch7.5.0.0
ORibmwebsphere_service_registry_and_repositoryMatch7.5.0.1
ORibmwebsphere_service_registry_and_repositoryMatch7.5.0.2
ORibmwebsphere_service_registry_and_repositoryMatch8.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | websphere_service_registry_and_repository | 6.3.0 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 6.3.0.1 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.1:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 6.3.0.2 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.2:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 6.3.0.3 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.3:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 6.3.0.4 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.4:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0.1 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.1:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0.2 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.2:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0.3 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.3:*:*:*:*:*:*:* |
| ibm | websphere_service_registry_and_repository | 7.0.0.4 | cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.4:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2014-6186
2014-12-24 11:00:00
cve
cve
CVE-2014-6186
2014-12-24 11:59:09
prion
prion
Design/Logic Flaw
2014-12-24 11:59:00
nessus
nessus
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
6
Confidence
Low
EPSS
0.002
Percentile
54.2%
Related for NVD:CVE-2014-6186