Remote Data Modification Vulnerability in IBM Rational Focal Point
CVE-2014-0839

Currently unrated

Key Information:

Vendor: IBM
Status: Rational Focal Point
Vendor: CVE Published:; 26 February 2014

Summary

IBM Rational Focal Point versions 6.4.x, 6.5.x (prior to 6.5.2.3), and 6.6.x (prior to 6.6.1) are vulnerable to a flaw that allows remote authenticated users to modify data. This vulnerability arises from improper handling of direct object references, permitting unauthorized alterations to data by exploiting a lack of access controls.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21665005

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/90696

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 26, 2014
Vulnerability Reserved
Jan 6, 2014