CVE-2014-0963

Sažetak

The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.

Reference

http://secunia.com/advisories/58845
http://secunia.com/advisories/59245
http://secunia.com/advisories/59249
http://www.ibm.com/support/docview.wss?uid=swg21675496
http://www.securityfocus.com/bid/67238
http://www.securitytracker.com/id/1030707
http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660
http://www-01.ibm.com/support/docview.wss?uid=swg21672192
http://www-01.ibm.com/support/docview.wss?uid=swg21676091
http://www-01.ibm.com/support/docview.wss?uid=swg21676092
http://www-304.ibm.com/support/docview.wss?uid=swg21680803
https://exchange.xforce.ibmcloud.com/vulnerabilities/92844

CVSS

Base:	7.1
Impact:	6.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

08-05-2014 - 10:55