PT-2017-5933 · Ibm · Ibm Curam Social Program Management

Publicado

2017-06-08

Atualizado

2017-06-15

CVE-2014-4843

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: IBM Curam Social Program Management (SPM) versions 6.0 SP2 before EP26 IBM Curam Social Program Management (SPM) versions 6.0.4 before 6.0.4.6 IBM Curam Social Program Management (SPM) versions 6.0.5 before 6.0.5.5 iFix5

Description: The issue allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL.

Recommendations: For versions 6.0 SP2 before EP26, update to EP26 or later. For versions 6.0.4 before 6.0.4.6, update to 6.0.4.6 or later. For versions 6.0.5 before 6.0.5.5 iFix5, update to 6.0.5.5 iFix5 or later.

Correção

Improperly Implemented Security Check for Standard

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-358

Identificadores relacionados

CVE-2014-4843

Produtos afetados

Ibm Curam Social Program Management

PT-2017-5933 · Ibm · Ibm Curam Social Program Management

CVE-2014-4843

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3