Information Disclosure Vulnerability in IBM Curam Social Program Management
CVE-2014-4804

Currently unrated

Key Information:

Vendor: IBM
Status: Curam Social Program Management
Vendor: CVE Published:; 14 February 2015

What is CVE-2014-4804?

An information disclosure vulnerability exists in IBM Curam Social Program Management, affecting various versions prior to specified service packs and fixes. When SPI inclusion is enabled, remote attackers can potentially access sensitive user information by simply visiting a vulnerable page. Organizations utilizing affected versions of IBM Curam should apply the appropriate updates to mitigate the risk of data exposure.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95306

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21695931

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2015
Vulnerability Reserved
Jul 9, 2014