Remote Code Execution Vulnerability in IBM Security Access Manager for Mobile and Web
CVE-2014-6083

Currently unrated

Key Information:

Vendor: IBM
Status: Security Access Manager For Web
Vendor: CVE Published:; 18 December 2014

Summary

Certain versions of the IBM Security Access Manager for Mobile and Web are susceptible to a vulnerability that allows remote attackers to intercept network traffic and capture sensitive cookie information during an active HTTP session. This could lead to unauthorized access to user accounts and sensitive data if exploited, emphasizing the need for secure transmission and encryption measures.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21684475

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/95810

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 18, 2014
Vulnerability Reserved
Sep 2, 2014