Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6193

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2014-6193
Last Modified 19 Dec 2014 12:30:00
Published 18 Dec 2014 09:59:03
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2014-6193

Summary

IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, when the Managed Pages setting is enabled, allows remote authenticated users to write to pages via an XML injection attack.

Vulnerable Systems

Application

  • Ibm Websphere Portal 8.0.0.0

  • Ibm Websphere Portal 8.0.0.1

  • Ibm Websphere Portal 8.5.0.0


References

XF - ibm-wsportal-cve20146193-xml-injection(98567)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21692107

AIXAPAR - PI28699


Last Updated: 27 May 2016 11:07:20