CVE-2014-0868

Name of the Vulnerable Software and Affected Versions IBM Algo Credit Limits (ACLM) versions 4.5.0 through 4.7.0 before 4.7.0.03 FP5

Description The issue relies on client-side input validation, allowing remote authenticated users to bypass intended dual-control restrictions and modify data via a crafted XML document. This can be demonstrated by manipulation of read-only limit data.

Recommendations For IBM Algo Credit Limits (ACLM) versions 4.5.0 through 4.7.0 before 4.7.0.03 FP5, update to version 4.7.0.03 FP5 or later to resolve the issue. As a temporary workaround, consider restricting access to modify data via crafted XML documents to minimize the risk of exploitation.