CVE-2014-3076Sensitive Information Exposure in IBM Business Process Manager

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 37.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Business Process Manager
Timeline
PublishedAug 11
Latest updateMay 17

Description

IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote attackers to obtain potentially sensitive information by visiting an unspecified JSP diagnostic page.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/business_process_manager8.5.0.0, 8.5.0.1, 8.5.5.0+2

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-fwmx-58pw-7jj2: IBM Business Process Manager (BPM) 82022-05-17
CVEList
CVE-2014-3076: IBM Business Process Manager (BPM) 82014-08-11
CVE-2014-3076 — Sensitive Information Exposure in IBM | cvebase