CVE-2014-0871

Loading...

General

Score:4.3/10.0
Severity:Low
Category:Information Leak / Disclosure
Exploit:Available

Impact Metrics

Confidentiality:Partial
Integrity:None
Availability:None

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 07/07/14 - Updated on 09/10/18

Description

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character.

Category: Information Leak / Disclosure

CWE-200 (Information Exposure)
An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

Security Notices

US National Vulnerability DatabaseCVE-2014-0871

Exploits

Exploit-DBEDB-33942

Relative technologies

VendorProduct
ibmalgorithmics
ibmalgo_credit_limits

Share this vulnerability with:

Twitter Facebook LinkedIn Mail