Lucene search

[email protected]CVE-2014-0888

HistoryAug 29, 2014 - 10:00 a.m.

CVE-2014-0888

2014-08-2910:00:00

CWE-264

[email protected]

web.nvd.nist.gov

ibm

worklight

foundation

authentication bypass

cve-2014-0888

nvd

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

33.0%

JSON

IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified vectors.

Affected configurations

NVD

Node

ibmworklightMatch5.0.0.0consumer

ibmworklightMatch5.0.0.0enterprise

ibmworklightMatch5.0.0.1consumer

ibmworklightMatch5.0.0.1enterprise

ibmworklightMatch5.0.0.2consumer

ibmworklightMatch5.0.0.2enterprise

ibmworklightMatch5.0.0.3consumer

ibmworklightMatch5.0.0.3enterprise

ibmworklightMatch5.0.5.0consumer

ibmworklightMatch5.0.5.0enterprise

ibmworklightMatch5.0.5.1consumer

ibmworklightMatch5.0.5.1enterprise

ibmworklightMatch5.0.6.0consumer

ibmworklightMatch5.0.6.0enterprise

ibmworklightMatch5.0.6.1consumer

ibmworklightMatch5.0.6.1enterprise

ibmworklightMatch5.0.6.2consumer

ibmworklightMatch5.0.6.2enterprise

ibmworklightMatch6.0.0.0consumer

ibmworklightMatch6.0.0.0enterprise

ibmworklightMatch6.0.0.1consumer

ibmworklightMatch6.0.0.1enterprise

ibmworklightMatch6.0.0.2consumer

ibmworklightMatch6.0.0.2enterprise

ibmworklightMatch6.1.0.0consumer

ibmworklightMatch6.1.0.0enterprise

ibmworklightMatch6.1.0.1consumer

ibmworklightMatch6.1.0.1enterprise

Node

ibmmobile_foundationMatch5.0.0.0

ibmmobile_foundationMatch5.0.0.1

ibmmobile_foundationMatch5.0.0.2

ibmmobile_foundationMatch5.0.0.3

ibmmobile_foundationMatch5.0.5.0

ibmmobile_foundationMatch5.0.5.1

ibmmobile_foundationMatch5.0.6.0

ibmmobile_foundationMatch5.0.6.1

ibmmobile_foundationMatch5.0.6.2

ibmmobile_foundationMatch6.0.0.0

ibmmobile_foundationMatch6.0.0.1

ibmmobile_foundationMatch6.0.0.2

ibmmobile_foundationMatch6.1.0.0

ibmmobile_foundationMatch6.1.0.1

CPENameOperatorVersion
ibm:worklightibm worklighteq5.0.0.0
ibm:worklightibm worklighteq5.0.0.1
ibm:worklightibm worklighteq5.0.0.2
ibm:worklightibm worklighteq5.0.0.3
ibm:worklightibm worklighteq5.0.5.0
ibm:worklightibm worklighteq5.0.5.1
ibm:worklightibm worklighteq5.0.6.0
ibm:worklightibm worklighteq5.0.6.1
ibm:worklightibm worklighteq5.0.6.2
ibm:worklightibm worklighteq6.0.0.0

CPE	Name	Operator	Version
ibm:worklight	ibm worklight	eq	5.0.0.0
ibm:worklight	ibm worklight	eq	5.0.0.1
ibm:worklight	ibm worklight	eq	5.0.0.2
ibm:worklight	ibm worklight	eq	5.0.0.3
ibm:worklight	ibm worklight	eq	5.0.5.0
ibm:worklight	ibm worklight	eq	5.0.5.1
ibm:worklight	ibm worklight	eq	5.0.6.0
ibm:worklight	ibm worklight	eq	5.0.6.1
ibm:worklight	ibm worklight	eq	5.0.6.2
ibm:worklight	ibm worklight	eq	6.0.0.0

Rows per page:

1-10 of 141

References

www-01.ibm.com/support/docview.wss?uid=swg21682798

exchange.xforce.ibmcloud.com/vulnerabilities/91239

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:P/A:P

6.2 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

33.0%

JSON

Related for CVE-2014-0888

prion1 cvelist1 nvd1 ibm1