CVE-2014-0868

2014-07-07T11:01:00
ID CVE-2014-0868
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:42:00

Description

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via a crafted XML document, as demonstrated by manipulation of read-only limit data.