Main Vulnerability Database Vulnerabilities #VU41633

Resource management error in WebSphere Portal - CVE-2014-0949

Published: May 22, 2014 / Updated: August 10, 2020

Vulnerability identifier: #VU41633

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2014-0949

CWE-ID: CWE-399

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: IBM Corporation

Affected software:
WebSphere Portal

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a crafted web request.

How to mitigate CVE-2014-0949

Install update from vendor's website.

Sources

http://www-01.ibm.com/support/docview.wss?uid=swg1PI15692
http://www-01.ibm.com/support/docview.wss?uid=swg21672572
https://exchange.xforce.ibmcloud.com/vulnerabilities/92622

Resource management error in WebSphere Portal - CVE-2014-0949

Detailed vulnerability description

How to mitigate CVE-2014-0949

Sources

Please verify you're human