Access Control Bypass in IBM WebSphere Service Registry and Repository
CVE-2014-6181

Currently unrated

Key Information:

Vendor: IBM
Status: Websphere Service Registry And Repository
Vendor: CVE Published:; 24 December 2014

What is CVE-2014-6181?

The affected version of IBM WebSphere Service Registry and Repository (WSRR) fails to implement proper access control measures for contained objects. This oversight may permit remote authenticated users to access sensitive information through various unspecified vectors, potentially exposing confidential data and compromising the integrity of the system. It is crucial for organizations using this software to apply the necessary updates to mitigate the risk associated with this vulnerability.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/98517

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg1IV25285

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg21693381

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 24, 2014
Vulnerability Reserved
Sep 2, 2014