CVE-2014-6177

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 24 December 2014

Summary

IBM WebSphere Service Registry and Repository (WSRR) 7.0.x before 7.0.0.5 and 7.5.x before 7.5.0.3 does not perform access-control checks for depth-0 retrieve operations, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

References

http://www.ibm.com/support/docview.wss?uid=swg21693384

x_refsource_CONFIRM

http://www-01.ibm.com/support/docview.wss?uid=swg1IV24386

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg21693381

x_refsource_CONFIRM

Timeline

Vulnerability published
Dec 24, 2014
Vulnerability Reserved
Sep 2, 2014