5 matches found
Security Bulletin: Various security issues exist in WebSphere Service Registry and Repository version 8.0
Summary This bulletin describes a variety of minor security issues that have been found and fixed in WebSphere Service Registry and Repository version 8.0 Vulnerability Details CVE ID: CVE-2014-6153 DESCRIPTION: WSRR WEBUI ISSUES A COOKIE WHICH IS NOT DECLARED SSL ONLY. CVSS CVSS Base Score: 2.6...
Security Bulletin: Various security issues exist in WebSphere Service Registry and Repository version 8.5
Summary This bulletin describes a variety of noncritical security issues that have been found and fixed in WebSphere Service Registry and Repository version 8.5. Vulnerability Details CVE ID: CVE-2014-6153 DESCRIPTION: WSRR WEBUI ISSUES A COOKIE WHICH IS NOT DECLARED SSL ONLY. CVSS CVSS Base Scor...
Security Bulletin: Various security issues exist in WebSphere Service Registry and Repository version 7.5
Summary This bulletin describes a variety of minor security issues that have been found and fixed in WebSphere Service Registry and Repository version 7.5 Vulnerability Details CVE ID: CVE-2014-6153 DESCRIPTION: WSRR WEBUI ISSUES A COOKIE WHICH IS NOT DECLARED SSL ONLY. CVSS CVSS Base Score: 2.6...
IBM WebSphere Service Registry and Repository 8.5 < 8.5.0.1 Multiple Vulnerabilities
The version of IBM WebSphere Service Registry and Repository WSRR is version 8.5 prior to 8.5.0.1. It is therefore, affected by multiple vulnerabilities : - An unspecified DOM based cross-site scripting XSS vulnerability in the WSRR web UI. CVE-2014-6132 - WSSR web interface issues a cookie that ...
CVE-2014-6153
CVE-2014-6153 affects IBM WebSphere Service Registry and Repository (WSRR) across multiple releases (6.3.x–6.3.0.5, 7.0.x–7.0.0.5, 7.5.x–7.5.0.4, 8.0.x before 8.0.0.3, 8.5.x before 8.5.0.1). The Web UI does not set the secure flag on cookies in HTTPS sessions, enabling cookie interception. Remedi...