5.3
CVE-2014-4843
- EPSS 0.16%
- Published 08.06.2017 16:29:00
- Last modified 20.04.2025 01:37:25
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Curam Social Program Management Version6.0 Updatesp2
Ibm ≫ Curam Social Program Management Version6.0.4.0
Ibm ≫ Curam Social Program Management Version6.0.4.1
Ibm ≫ Curam Social Program Management Version6.0.4.2
Ibm ≫ Curam Social Program Management Version6.0.4.3
Ibm ≫ Curam Social Program Management Version6.0.4.4
Ibm ≫ Curam Social Program Management Version6.0.4.5
Ibm ≫ Curam Social Program Management Version6.0.5.0
Ibm ≫ Curam Social Program Management Version6.0.5.1
Ibm ≫ Curam Social Program Management Version6.0.5.2
Ibm ≫ Curam Social Program Management Version6.0.5.3
Ibm ≫ Curam Social Program Management Version6.0.5.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.33 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-358 Improperly Implemented Security Check for Standard
The product does not implement or incorrectly implements one or more security-relevant checks as specified by the design of a standardized algorithm, protocol, or technique.