CVE-2014-8887Improper Input Validation in IBM Marketing Operations

CWE-20Improper Input Validation3 documents3 sources
Severity
4.0MEDIUMNVD
EPSS
0.2%
top 58.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Marketing Operations
Timeline
PublishedJun 7
Latest updateMay 17

Description

IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/marketing_operations64 versions+63

🔴Vulnerability Details

2
GHSA
GHSA-4grj-7gv3-r7f2: IBM Marketing Operations 72022-05-17
CVEList
CVE-2014-8887: IBM Marketing Operations 72015-06-07
CVE-2014-8887 — Improper Input Validation in IBM | cvebase