6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
CVE-2013-5879 Oracle Outside In Technology Outside In Maintenance unauthorized access
CVE-2014-0411 A vulnerability exists in IBM SDK Java™ Technology Edition Version 6 that is shipped with IBM Content Classification. It is related to the Java™ Secure Socket Extension component.
DESCRIPTION
An unspecified vulnerability in Oracle Outside In Technology related to the Outside In Maintenance component could allow a local attacker to cause a denial of service or possibly be used by a remote attacker to execute code on server installations.
CVSS Base Score: 6.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/90282 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)
CVE-2014-0411
DESCRIPTION
Timing differences based on the validity of messages can be exploited to decrypt the
entire session. The exploit is not trivial, requiring a man-in-the-middle position and a
long time (around 20 hours). The fix eliminates the timing differences.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/90357> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:P/I:P/A:N)
IBM Content Classification 8.8
IBM InfoSphere Classification Module 8.7
For Content Classification 8.8 download Fix Pack 1 from Fix Central. For instructions, see:
IBM Content Classification Version 8.8 Fix Pack 1
For IBM InfoSphere Classification Module 8.7 download iFix 3 from Fix Central. For instructions see:
IBM InfoSphere Classification Module Version 8.7 Interim Fix 3
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm content classification | eq | 8.8 | |
ibm content classification | eq | 8.7 |