7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Security Bulletin: Open Source Apache Struts V1 ClassLoader manipulation vulnerability (CVE-2014-0114) in IBM Content Navigator
**CVEID:**CVE-2014-0114
DESCRIPTION:
Open Source Apache Struts V1 ClassLoader manipulation vulnerability
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/92889> for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
IBM Content Navigator 2.0.0, 2.0.1, and 2.0.2
IBM Content Navigator is a component that is available to customers in these products (and the products that contain them):
· IBM Content Manager
· IBM FileNet Content Manager
· IBM Content Foundation
· IBM Content Manager OnDemand
Version 2.0.0: Upgrade to Content Navigator 2.0.2 and apply fix pack 2.0.2.4-ICN-FP004
Version 2.0.1: Apply Interim Fix 2.0.1.2-ICN-IF002
Version 2.0.2: Apply fix pack 2.0.2.4-ICN-FP004
N/A
CPE | Name | Operator | Version |
---|---|---|---|
ibm content navigator | eq | 2.0.2 | |
ibm content navigator | eq | 2.0.1 | |
ibm content navigator | eq | 2.0 |