CVE-2014-6076

{"id": "CVE-2014-6076", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2014-12-18T16:59:00.067", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684475", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95729", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21684475", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95729", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-254"}]}], "descriptions": [{"lang": "en", "value": "IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site."}, {"lang": "es", "value": "IBM Security Access Manager for Mobile 8.x anterior a 8.0.1 y Security Access Manager for Web 7.x anterior a 7.0.0 FP10 y 8.x anterior a 8.0.1 permite a atacantes remotos llevar a cabo ataques de clickjacking trav\u00e9s de un sitio web modificado."}], "lastModified": "2024-11-21T02:13:44.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FF1B0C02-D5D9-4F10-9120-C76D39D5C323"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4133E7B3-02B3-44C8-BBD7-234E06C3EC70"}, {"criteria": "cpe:2.3:a:ibm:security_access_manager_for_web:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A4AD958-FDB2-4F63-AD4F-C88B33BFA692"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}