Lucene search
HistoryDec 18, 2014 - 4:59 p.m.
CVE-2014-6083
ibm
security access manager
mobile
web
cve-2014-6083
vulnerability
cookie
network sniffing
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.1%
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.
Affected configurations
Node
ibmsecurity_access_manager_for_webMatch7.0
ORibmsecurity_access_manager_for_webMatch8.0
Node
ibmsecurity_access_manager_for_mobileMatch8.0
Related
prion
prion
Session fixation
2014-12-18 16:59:00
nvd
nvd
CVE-2014-6083
2014-12-18 16:59:05
cvelist
cvelist
CVE-2014-6083
2014-12-18 16:00:00
ibm
ibm
6.3 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
70.1%
Related for CVE-2014-6083