CVE-2014-6088

CWE-200Information Exposure3 documents3 sources
Severity
5.0MEDIUM
EPSS
0.3%
top 50.14%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
IBM Security Access Manager FOR MobileIBM Security Access Manager FOR WEB
Timeline
PublishedDec 18
Latest updateMay 17

Description

IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive information by sniffing the network during use of the null SSL cipher.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-f3vv-h73v-c4p4: IBM Security Access Manager for Mobile 82022-05-17
CVEList
CVE-2014-6088: IBM Security Access Manager for Mobile 82014-12-18
CVE-2014-6088 (MEDIUM CVSS 5) | IBM Security Access Manager for Mob | cvebase.io