PT-2014-6127 · Ibm · Ibm Sterling Selling/Fulfillment Suite
Published
2014-11-23
·
Updated
2017-08-29
·
CVE-2014-4807
CVSS v2.0
4.0
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:P |
Name of the Vulnerable Software and Affected Versions
IBM Sterling Selling and Fulfillment Suite version 9.3.0 before FP8
Description
The issue allows remote authenticated users to cause a denial of service, specifically CPU consumption, by exploiting a vulnerability in Sterling Order Management. This can be achieved by using a '0' character.
Recommendations
For IBM Sterling Selling and Fulfillment Suite version 9.3.0 before FP8, apply FP8 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Sterling Selling/Fulfillment Suite