Lucene search
HistoryDec 24, 2014 - 11:59 a.m.
CVE-2014-6186
ibm
wsrr
security
bypass
object-access
restriction
datagraph
nvd
cve-2014-6186
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.0%
IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.1 allows remote authenticated users to bypass intended object-access restrictions via the datagraph.
Affected configurations
Node
ibmwebsphere_service_registry_and_repositoryMatch6.3.0
ORibmwebsphere_service_registry_and_repositoryMatch6.3.0.1
ORibmwebsphere_service_registry_and_repositoryMatch6.3.0.2
ORibmwebsphere_service_registry_and_repositoryMatch6.3.0.3
ORibmwebsphere_service_registry_and_repositoryMatch6.3.0.4
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.1
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.2
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.3
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.4
ORibmwebsphere_service_registry_and_repositoryMatch7.0.0.5
ORibmwebsphere_service_registry_and_repositoryMatch7.5.0.0
ORibmwebsphere_service_registry_and_repositoryMatch7.5.0.1
ORibmwebsphere_service_registry_and_repositoryMatch7.5.0.2
ORibmwebsphere_service_registry_and_repositoryMatch8.0
Related
cvelist
cvelist
CVE-2014-6186
2014-12-24 11:00:00
prion
prion
Design/Logic Flaw
2014-12-24 11:59:00
nvd
nvd
CVE-2014-6186
2014-12-24 11:59:09
nessus
nessus
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
6.1 Medium
AI Score
Confidence
Low
0.002 Low
EPSS
Percentile
54.0%
Related for CVE-2014-6186