CVE-2014-3053

Sažetak

The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.

Reference

http://secunia.com/advisories/59381
http://secunia.com/advisories/59438
http://www.securityfocus.com/bid/68132
http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557
http://www-01.ibm.com/support/docview.wss?uid=swg21676389
http://www-01.ibm.com/support/docview.wss?uid=swg21676700
https://exchange.xforce.ibmcloud.com/vulnerabilities/93501

CVSS

Base:	8.0
Impact:	9.5
Exploitability:	6.5

Pristup

Vektor	Složenost	Autentikacija
ADJACENT_NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	PARTIAL	COMPLETE

CVSS vektor

AV:A/AC:L/Au:N/C:C/I:P/A:C

Zadnje važnije ažuriranje

29-08-2017 - 01:34

Objavljeno

21-06-2014 - 15:55