Unspecified Denial of Service Vulnerability in HP IceWall Identity Manager and SSO
CVE-2014-2600

Currently unrated

Key Information:

Vendor: HP
Status: Icewall Sso Password Reset Option; Icewall Identity Manager
Vendor: CVE Published:; 5 April 2014

What is CVE-2014-2600?

An unspecified vulnerability exists in HP IceWall Identity Manager versions 4.0 through Service Pack 1 and 5.0, as well as in IceWall SSO 10.0. This vulnerability occurs when the Apache Commons FileUpload library is utilized, permitting remote authenticated users to launch denial of service attacks through unknown vectors. The issue can disrupt normal operations and service availability for users of these products.

References

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/...

vendor-advisoryx_refsource_HP

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/...

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 5, 2014
Vulnerability Reserved
Mar 24, 2014