Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0946

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2014-0946
Last Modified 09 May 2014 02:21:47
Published 09 May 2014 06:50:25
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0946

Summary

The RES Console in Rule Execution Server in IBM Operational Decision Manager 7.5 before FP3 IF37, 8.0 before MP1 FP2, and 8.5 before MP1 IF26 does not send appropriate Cache-Control HTTP headers, which allows remote attackers to obtain sensitive information by leveraging an unattended workstation.

Vulnerable Systems

Application

  • Ibm Operational Decision Manager 7.5

  • Ibm Operational Decision Manager 8.0

  • Ibm Operational Decision Manager 8.5


References

XF - ibm-odm-cve20140946-cache(92573)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21671324


Last Updated: 27 May 2016 11:05:15