Main Vulnerability Database Vulnerabilities #VU41337

Resource management error in WebSphere Portal - CVE-2014-4792

Published: September 12, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41337

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2014-4792

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
WebSphere Portal

Detailed vulnerability description

The vulnerability allows a remote #AU# to perform service disruption.

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0.0 through 7.0.0.2 CF28, 8.0.0 through 8.0.0.1 CF13, and 8.5.0 before CF02 allows remote authenticated users to cause a denial of service (disk consumption) by uploading large files.

How to mitigate CVE-2014-4792

Install update from vendor's website.

Sources

http://secunia.com/advisories/61204
http://www-01.ibm.com/support/docview.wss?uid=swg1PI23334
http://www-01.ibm.com/support/docview.wss?uid=swg21681998
https://exchange.xforce.ibmcloud.com/vulnerabilities/95204

Resource management error in WebSphere Portal - CVE-2014-4792

Detailed vulnerability description

How to mitigate CVE-2014-4792

Sources

Please verify you're human