Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Insufficient authorization check for project actions in WebSphere Lombardi Edition (CVE-2014-4844) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
By using WebSphere Lomabrdi Edition (WLE) you can import and export process applications and toolkits. Although this functionality is available only to authorized users, the actual server side code accepts requests from lower privileged users. CVE(s): CVE-2014-4844 Affected product(s) and affected version(s): WebSphere Lombardi Edition 7.2 If you are using an earlier unsupported release, IBM strongly recommends to upgrade. Refer to the following reference URLs for remediation and More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_insufficient_authorization_check_for_project_actions_in_websphere_lombardi_edition_cve_2014_4844?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-4844 ,CVE-2014-3508 ,CVE-2014-3509 ,CVE-2014-3511 and CVE-2014-5139. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-12-19 |