CVE-2014-0867
Summary
| CVE | CVE-2014-0867 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-07-07 11:01:00 UTC |
| Updated | 2018-10-09 19:42:00 UTC |
| Description | rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Algorithmics | - | All | All | All |
| Application | Ibm | Algorithmics | - | All | All | All |
| Application | Ibm | Algo Credit Limits | 4.5.0 | All | All | All |
| Application | Ibm | Algo Credit Limits | 4.7.0 | All | All | All |
| Application | Ibm | Algo Credit Limits | 4.5.0 | All | All | All |
| Application | Ibm | Algo Credit Limits | 4.7.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM Security Bulletin: Multiple Security Vulnerabilities in Certain GUI Components of IBM Algo Credit Limits. - United States | CONFIRM | www-01.ibm.com | Vendor Advisory |
| Vulnerability Lab - SEC Consult | MISC | www.sec-consult.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Full Disclosure: SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS | FULLDISC | seclists.org | |
| IBM Algorithmics RICOS Disclosure / XSS / CSRF ≈ Packet Storm | MISC | packetstormsecurity.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.