Main Vulnerability Database Vulnerabilities #VU41189

Input validation error in WebSphere Portal - CVE-2014-4808

Published: October 28, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41189

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2014-4808

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
WebSphere Portal

Detailed vulnerability description

The vulnerability allows a remote #AU# to read and manipulate data.

Unspecified vulnerability in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 through 8.0.0.1 CF14, and 8.5.0 before CF03 allows remote authenticated users to execute arbitrary code via unknown vectors.

How to mitigate CVE-2014-4808

Install update from vendor's website.

Sources

http://secunia.com/advisories/59740
http://www.securityfocus.com/bid/70757
http://www-01.ibm.com/support/docview.wss?uid=swg1PI25993
http://www-01.ibm.com/support/docview.wss?uid=swg21684651
https://exchange.xforce.ibmcloud.com/vulnerabilities/95375

Input validation error in WebSphere Portal - CVE-2014-4808

Detailed vulnerability description

How to mitigate CVE-2014-4808

Sources

Please verify you're human