Lucene search
HistoryDec 18, 2014 - 4:59 p.m.
CVE-2014-6164
ibm
websphere
application server
security
vulnerability
openid
cookies
spoofing
cve-2014-6164
3.9 Low
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
68.6%
IBM WebSphere Application Server 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.4 allows remote attackers to spoof OpenID and OpenID Connect cookies, and consequently obtain sensitive information, via a crafted URL.
Related
openvas
openvas
prion
prion
Design/Logic Flaw
2014-12-18 16:59:00
nessus
nessus
ibm
ibm
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.4
2022-09-08 00:26:26
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.0.0.10
2022-09-08 00:26:26
WebSphere Application Server and IBM HTTP Server Security Bulletin List
2022-07-13 18:04:48
3.9 Low
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.003 Low
EPSS
Percentile
68.6%
Related for CVE-2014-6164