CVE-2014-3056Sensitive Information Exposure in IBM Websphere Portal

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.3%
top 44.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Websphere PortalIBM Websphere Portal Unified Task List Portlet
Timeline
PublishedJul 29
Latest updateMay 17

Description

The Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to obtain potentially sensitive information about environment variables and JAR versions via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDibm/websphere_portal5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-8953-36hj-2fm9: The Unified Task List (UTL) Portlet for IBM WebSphere Portal 72022-05-17
CVEList
CVE-2014-3056: The Unified Task List (UTL) Portlet for IBM WebSphere Portal 72014-07-29
CVE-2014-3056 — Sensitive Information Exposure in IBM | cvebase