CVE-2014-4809

3 documents3 sources
Severity
7.1HIGH
EPSS
0.9%
top 23.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
IBM Security Access Manager FOR WEB 7.0 FirmwareIBM Security Access Manager FOR WEB 8.0 FirmwareIBM Security Access Manager FOR WEB Appliance
Timeline
PublishedOct 3
Latest updateMay 17

Description

The WebSEAL component in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, when e-community SSO is enabled, allows remote attackers to cause a denial of service (component hang) via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages1 packages

NVDibm/security_access_manager14 versions+13

Patches

Patch: www-01.ibm.comPatch: www-01.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-72qr-f4wf-pgvp: The WebSEAL component in IBM Security Access Manager for Web 72022-05-17
CVEList
CVE-2014-4809: The WebSEAL component in IBM Security Access Manager for Web 72014-10-03
CVE-2014-4809 (HIGH CVSS 7.1) | The WebSEAL component in IBM Securi | cvebase.io