CVE-2014-4843

CWE-3583 documents3 sources
Severity
5.3MEDIUM
EPSS
0.2%
top 63.62%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Curam Social Program Management
Timeline
PublishedJun 8
Latest updateMay 17

Description

Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-5952-327w-4pc5: Curam Universal Access in IBM Curam Social Program Management (SPM) 62022-05-17
CVEList
CVE-2014-4843: Curam Universal Access in IBM Curam Social Program Management (SPM) 62017-06-08
CVE-2014-4843 (MEDIUM CVSS 5.3) | Curam Universal Access in IBM Curam | cvebase.io