4.3

CVE-2014-3051

EPSS 0.14%
Published 29.10.2014 10:55:03
Last modified 12.04.2025 10:46:40
Source psirt@us.ibm.com
Teams watchlist Login
Open Login

The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain credential information via a crafted certificate.

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.0

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.1

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.2

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.3

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.1.0.4

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.2.0.0

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.2.0.1

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.2.0.2

Ibm ≫ Tivoli Composite Application Manager For Transactions Version7.3.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.14%	0.311

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

http://secunia.com/advisories/59756

http://www-01.ibm.com/support/docview.wss?uid=swg21682290

Patch

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/93444

https://nvd.nist.gov/vuln/detail/CVE-2014-3051

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-3051

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-3051

EUVD