Lucene search
HistoryMay 22, 2014 - 11:14 a.m.
CVE-2014-0949
ibm websphere portal
cve-2014-0949
dos
resource consumption
daemon crash
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.9%
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a crafted web request.
Affected configurations
Node
ibmwebsphere_portalMatch6.1.0.0
ORibmwebsphere_portalMatch6.1.0.1
ORibmwebsphere_portalMatch6.1.0.2
ORibmwebsphere_portalMatch6.1.0.3
ORibmwebsphere_portalMatch6.1.0.4
ORibmwebsphere_portalMatch6.1.0.5
ORibmwebsphere_portalMatch6.1.0.6
ORibmwebsphere_portalMatch6.1.0.6cf27
ORibmwebsphere_portalMatch6.1.5.0
ORibmwebsphere_portalMatch6.1.5.1
ORibmwebsphere_portalMatch6.1.5.2
ORibmwebsphere_portalMatch6.1.5.3
ORibmwebsphere_portalMatch6.1.5.3cf27
ORibmwebsphere_portalMatch7.0.0.0
ORibmwebsphere_portalMatch7.0.0.0cf001
ORibmwebsphere_portalMatch7.0.0.1
ORibmwebsphere_portalMatch7.0.0.1cf002
ORibmwebsphere_portalMatch7.0.0.1cf003
ORibmwebsphere_portalMatch7.0.0.1cf004
ORibmwebsphere_portalMatch7.0.0.1cf005
ORibmwebsphere_portalMatch7.0.0.1cf006
ORibmwebsphere_portalMatch7.0.0.1cf007
ORibmwebsphere_portalMatch7.0.0.1cf008
ORibmwebsphere_portalMatch7.0.0.1cf009
ORibmwebsphere_portalMatch7.0.0.1cf010
ORibmwebsphere_portalMatch7.0.0.1cf019
ORibmwebsphere_portalMatch7.0.0.2
ORibmwebsphere_portalMatch7.0.0.2cf011
ORibmwebsphere_portalMatch7.0.0.2cf012
ORibmwebsphere_portalMatch7.0.0.2cf013
ORibmwebsphere_portalMatch7.0.0.2cf014
ORibmwebsphere_portalMatch7.0.0.2cf015
ORibmwebsphere_portalMatch7.0.0.2cf016
ORibmwebsphere_portalMatch7.0.0.2cf017
ORibmwebsphere_portalMatch7.0.0.2cf018
ORibmwebsphere_portalMatch7.0.0.2cf019
ORibmwebsphere_portalMatch7.0.0.2cf020
ORibmwebsphere_portalMatch7.0.0.2cf021
ORibmwebsphere_portalMatch7.0.0.2cf022
ORibmwebsphere_portalMatch7.0.0.2cf23
ORibmwebsphere_portalMatch7.0.0.2cf24
ORibmwebsphere_portalMatch7.0.0.2cf25
ORibmwebsphere_portalMatch7.0.0.2cf26
ORibmwebsphere_portalMatch7.0.0.2cf27
ORibmwebsphere_portalMatch8.0.0.0
ORibmwebsphere_portalMatch8.0.0.0cf01
ORibmwebsphere_portalMatch8.0.0.0cf02
ORibmwebsphere_portalMatch8.0.0.0cf03
ORibmwebsphere_portalMatch8.0.0.0cf04
ORibmwebsphere_portalMatch8.0.0.0cf05
ORibmwebsphere_portalMatch8.0.0.1
ORibmwebsphere_portalMatch8.0.0.1cf04
ORibmwebsphere_portalMatch8.0.0.1cf05
ORibmwebsphere_portalMatch8.0.0.1cf07
ORibmwebsphere_portalMatch8.0.0.1cf08
ORibmwebsphere_portalMatch8.0.0.1cf09
ORibmwebsphere_portalMatch8.0.0.1cf10
ORibmwebsphere_portalMatch8.0.0.1cf11
Related
nessus
nessus
IBM WebSphere Portal Unspecified DoS (PI15692)
2014-05-23 00:00:00
IBM WebSphere Portal 7.0.0.x < 7.0.0.2 CF28 Multiple Vulnerabilities
2014-05-23 00:00:00
IBM WebSphere Portal 8.x < 8.0.0.1 CF12 Multiple Vulnerabilities
2014-05-23 00:00:00
nvd
nvd
CVE-2014-0949
2014-05-22 11:14:14
prion
prion
Cross site request forgery (csrf)
2014-05-22 11:14:00
cvelist
cvelist
CVE-2014-0949
2014-05-22 10:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
High
0.006 Low
EPSS
Percentile
78.9%
Related for CVE-2014-0949