CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

IBM Security Bulletins•added 2018/06/15 7:0 a.m.•19 views

Security Bulletin: IBM Operational Decision Manager : CVE-2014-0944, CVE-2014-0945, CVE-2014-0946

Summary This Security Bulletin addresses 3 security vulnerabilities CVE-2014-0944, CVE-2014-0945 and CVE-2014-0946 in IBM Operational Decision Manager. All issue are related to the RES Console provided in Rule Execution Server. Vulnerability Details CVE ID: CVE-2014-0944 DESCRIPTION: IBM...

6CVSS0.7AI score0.00751EPSS

Exploits0Affected Software1

NVD•added 2014/05/09 10:50 a.m.•7 views

CVE-2014-0946

The RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 does not send appropriate Cache-Control HTTP headers, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation...

4.3CVSS6.2AI score0.00751EPSS

Exploits0References2

Prion•added 2014/05/09 10:50 a.m.•10 views

Cross site scripting

Cross-site scripting XSS vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

3.5CVSS5.6AI score0.00441EPSS

Exploits0References2Affected Software1

Prion•added 2014/05/09 10:50 a.m.•16 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert...

6CVSS6.6AI score0.00222EPSS

Exploits0References2Affected Software1

Cvelist•added 2014/05/09 10:0 a.m.•13 views

CVE-2014-0945

5.3AI score0.00441EPSS

Exploits0References2

CVE•added 2014/05/09 10:0 a.m.•37 views

CVE-2014-0946

CVE-2014-0946 concerns IBM Operational Decision Manager (ODM) RES Console in Rule Execution Server. The vulnerability arises from missing Cache-Control HTTP headers, which could allow an attacker to obtain sensitive information from an unattended workstation. Affected products/versions include IB...

4.3CVSS6.3AI score0.00751EPSS

Exploits0References2Affected Software1

CVE•added 2014/05/09 10:0 a.m.•44 views

CVE-2014-0944

IBM ODM is vulnerable to CSRF in the RES Console of Rule Execution Server. Affected: IBM WebSphere Operational Decision Manager v7.5 (before FP3 IF37), v8.0 (before MP1 FP2), and v8.5 (before MP1 IF26). Root cause described as improper validation of user-supplied input in the RES Console, enablin...

6CVSS6.4AI score0.00222EPSS

Exploits0References2Affected Software1

CVE•added 2014/05/09 10:0 a.m.•31 views

CVE-2014-0945

IBM Operational Decision Manager (UK ODM) RES Console vulnerability CVE-2014-0945 is a cross-site scripting issue in the Rule Execution Server. A remote authenticated user can exploit a crafted URL to execute script in the victim’s browser. Affected products/versions include ODM v7.5 before FP3 I...

3.5CVSS5.4AI score0.00441EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by