4.3

CVE-2014-3051

EPSS 0.14%
Veröffentlicht 29.10.2014 10:55:03
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle psirt@us.ibm.com
Teams Watchlist Login
Unerledigt Login

The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain credential information via a crafted certificate.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.0

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.1

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.2

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.3

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.4

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.2.0.0

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.2.0.1

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.2.0.2

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.3.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.14%	0.311

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

http://secunia.com/advisories/59756

http://www-01.ibm.com/support/docview.wss?uid=swg21682290

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/93444

https://nvd.nist.gov/vuln/detail/CVE-2014-3051

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-3051

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-3051

EUVD