IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability

Bugtraq ID:	69643
Class:	Access Validation Error
CVE:	CVE-2014-3079
Remote:	Yes
Local:	No
Published:	Sep 04 2014 12:00AM
Updated:	Sep 15 2014 12:07AM
Credit:	IBM
Vulnerable:
Not Vulnerable:

IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability

IBM RLKS Administration and Reporting Tool is prone to an authorization-bypass vulnerability because of insufficient authorization enforcement.

Attackers can exploit this issue to obtain sensitive information that may aid in further attacks.

IBM RLKS Administration and Reporting Tool 8.1.4, 8.1.4.2, and 8.1.4.3 are vulnerable.

IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability

Attackers can exploit this issue using readily available tools.

IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

IBM RLKS Administration and Reporting Tool CVE-2014-3079 Authorization Bypass Vulnerability

References: