Remote Class Loading Vulnerability in IBM Curam Social Program Management
CVE-2014-8903
8.8 HIGH
Summary
IBM Curam Social Program Management versions prior to EP26 of 6.0 SP2, 6.0.4.5iFix10, and 6.0.5.6 allow remote authenticated users to load arbitrary Java classes through unspecified vectors. The risk is significant because an attacker could use this to execute malicious code within the application context.
References
CVSS V3.1
Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved