Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-0867

4 documents4 sources
Severity
5.8MEDIUM
EPSS
15.4%
top 5.34%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM Algo Credit Limits
Timeline
PublishedJul 7
Latest updateMay 14

Description

rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string.

CVSS vector

AV:N/AC:M/C:N/I:P/A:PExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

NVDibm/algo_credit_limits4.5.0, 4.7.0+1

🔴Vulnerability Details

2
GHSA
GHSA-3mf2-x699-cxr9: rcore6/main/addcookie2022-05-14
CVEList
CVE-2014-0867: rcore6/main/addcookie2014-07-07

💥Exploits & PoCs

1
Exploit-DB
IBM Algorithmics RICOS 4.5.0 < 4.7.0 - Multiple Vulnerabilities2014-07-01
CVE-2014-0867 (MEDIUM CVSS 5.8) | rcore6/main/addcookie.jsp in RICOS | cvebase.io