Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6160

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2014-6160
Last Modified 30 Dec 2014 10:37:56
Published 28 Dec 2014 09:59:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-6160

Summary

IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

Vulnerable Systems

Application

  • Ibm Websphere Service Registry And Repository 8.5


References

XF - ibm-wsrr-cve20146160-logout(97709)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21693389

AIXAPAR - IV63498


Last Updated: 27 May 2016 11:07:22