Lucene search

[email protected]NVD:CVE-2014-0867

HistoryJul 07, 2014 - 11:01 a.m.

CVE-2014-0867

2014-07-0711:01:28

[email protected]

web.nvd.nist.gov

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string.

Affected configurations

NVD

Node

ibmalgo_credit_limitsMatch4.5.0

ibmalgo_credit_limitsMatch4.7.0

ibmalgorithmicsMatch-

References

packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html

seclists.org/fulldisclosure/2014/Jun/173

www-01.ibm.com/support/docview.wss?uid=swg21675881

www.securityfocus.com/archive/1/532598/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/90941

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

6.3 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

Related for NVD:CVE-2014-0867

cve1 prion1 cvelist1 ibm1 seebug1 securityvulns2 exploitpack1 packetstorm1 exploitdb1