Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6214

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-6214
Last Modified 11 Aug 2015 01:51:33
Published 12 Mar 2015 09:59:19
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-6214

Summary

Cross-site request forgery (CSRF) vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF15 and 8.5.0 before CF05 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Vulnerable Systems

Application

  • Ibm Websphere Portal 8.0.0.0

  • Ibm Websphere Portal 8.0.0.1

  • Ibm Websphere Portal 8.5.0.0


References

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21697213

AIXAPAR - PI34987

SECTRACK - 1031880


Last Updated: 27 May 2016 11:08:05