PT-2014-3979 · Ibm · Ibm Global Security Kit+1

Published

2014-05-08

·

Updated

2017-08-29

·

CVE-2014-0963

CVSS v2.0

7.1

High

VectorAV:N/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions IBM Security Access Manager (ISAM) for Web versions 7.0 through 7.0.0-ISS-SAM-IF0005 IBM Security Access Manager (ISAM) for Web versions 8.0 through 8.0.0.3-ISS-WGA-IF0001
Description The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, via crafted SSL messages. This is related to the Reverse Proxy feature in IBM Global Security Kit.
Recommendations For IBM Security Access Manager (ISAM) for Web version 7.0, update to 7.0.0-ISS-SAM-IF0006 or later. For IBM Security Access Manager (ISAM) for Web version 8.0, update to 8.0.0.3-ISS-WGA-IF0002 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2014-0963

Affected Products

Ibm Global Security Kit
Ibm Security Access Manager For Web