Ibm

Algo Credit Limits

9 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2014-0871

  • EPSS 18.27%
  • Published 07.07.2014 11:01:29
  • Last modified 12.04.2025 10:46:40

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI...

3.5

CVE-2014-0894

Exploit
  • EPSS 10.75%
  • Published 07.07.2014 11:01:29
  • Last modified 12.04.2025 10:46:40

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document.

6.8

CVE-2014-0864

Exploit
  • EPSS 4.4%
  • Published 07.07.2014 11:01:28
  • Last modified 12.04.2025 10:46:40

Multiple cross-site request forgery (CSRF) vulnerabilities in Executer in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to hijack the authentication of arbitrary users fo...

4.9

CVE-2014-0865

  • EPSS 10.01%
  • Published 07.07.2014 11:01:28
  • Last modified 12.04.2025 10:46:40

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via cr...

4.3

CVE-2014-0866

  • EPSS 21.35%
  • Published 07.07.2014 11:01:28
  • Last modified 12.04.2025 10:46:40

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics sends cleartext credentials over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network.

5.8

CVE-2014-0867

  • EPSS 16.51%
  • Published 07.07.2014 11:01:28
  • Last modified 12.04.2025 10:46:40

rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string.

4.9

CVE-2014-0868

  • EPSS 11.3%
  • Published 07.07.2014 11:01:28
  • Last modified 12.04.2025 10:46:40

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via a ...

4.3

CVE-2014-0869

  • EPSS 21.35%
  • Published 07.07.2014 11:01:28
  • Last modified 12.04.2025 10:46:40

The decrypt function in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics does not require a key, which makes it easier for remote attackers to obtain cleartext passwords by sniffing the network an...

4.3

CVE-2014-0870

Exploit
  • EPSS 10.11%
  • Published 07.07.2014 11:01:28
  • Last modified 12.04.2025 10:46:40

Multiple cross-site scripting (XSS) vulnerabilities in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allow remote attackers to inject arbitrary web script or HTML via (1) the Message parameter ...