Lucene search

K

IbmCVELIST:CVE-2014-0864

HistoryJul 07, 2014 - 10:00 a.m.

CVE-2014-0864

2014-07-0710:00:00

ibm

www.cve.org

2

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.6%

Multiple cross-site request forgery (CSRF) vulnerabilities in Executer in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to hijack the authentication of arbitrary users for requests that change (1) a deal’s currency or (2) a limit via a crafted XML document.

References

packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html

seclists.org/fulldisclosure/2014/Jun/173

secunia.com/advisories/59296

www-01.ibm.com/support/docview.wss?uid=swg21675881

www.securityfocus.com/archive/1/532598/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/90938

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.6%

Related for CVELIST:CVE-2014-0864

prion1 nvd1 cve1 zdt1 ibm1 seebug1 securityvulns2 packetstorm1 exploitpack1 exploitdb1