Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6187

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2014-6187
Last Modified 24 Dec 2014 11:23:51
Published 24 Dec 2014 06:59:09
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2014-6187

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x before 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

Vulnerable Systems

Application

  • Ibm Websphere Service Registry And Repository 6.3.0

  • Ibm Websphere Service Registry And Repository 6.3.0.1

  • Ibm Websphere Service Registry And Repository 6.3.0.2

  • Ibm Websphere Service Registry And Repository 6.3.0.3

  • Ibm Websphere Service Registry And Repository 6.3.0.4

  • Ibm Websphere Service Registry And Repository 7.0.0

  • Ibm Websphere Service Registry And Repository 7.0.0.1

  • Ibm Websphere Service Registry And Repository 7.0.0.2

  • Ibm Websphere Service Registry And Repository 7.0.0.3

  • Ibm Websphere Service Registry And Repository 7.0.0.4

  • Ibm Websphere Service Registry And Repository 7.5.0.0

  • Ibm Websphere Service Registry And Repository 7.5.0.1

  • Ibm Websphere Service Registry And Repository 7.5.0.2

  • Ibm Websphere Service Registry And Repository 8.0

  • Ibm Websphere Service Registry And Repository 8.0.0.1


References

XF - ibm-wsrr-cve20146187-csrf(98553)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21693387

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21693384

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21693381

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg21693379

AIXAPAR - IV26727


Last Updated: 27 May 2016 11:07:21