ID |
CVE-2014-0963
|
Summary |
The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages. Per: http://www-01.ibm.com/support/docview.wss?uid=swg21672192
"Affected Products and Versions
All versions of IBM Security Access Manager for Web, both software and appliance: 7.0, 8.0" |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*
-
cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*
cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*
-
cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*
cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*
|
CVSS |
Base: | 7.1 (as of 29-08-2017 - 01:34) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-399 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:N/A:C
|
refmap
via4
|
aixapar | IV59660 | bid | 67238 | confirm | | sectrack | 1030707 | secunia | | xf | ibm-gskit-cve20140963-dos(92844) |
|
Last major update |
29-08-2017 - 01:34 |
Published |
08-05-2014 - 10:55 |
Last modified |
29-08-2017 - 01:34 |