Boletines de Vulnerabilidades

IBM Security Bulletin: Elevation of privileges with version 7 of Embedded WAS affects Identity Insight (CVE-2014-3020)

Información sobre el sistema
   
Software afectado IBM

Descripción
eWAS 7.0 install script used by Identity Insight installer may allow elevation of privileges on UNIX platforms CVE(s): CVE-2014-3020 Affected product(s) and affected version(s): InfoSphere Identity Insight v8.1 and 8.0 – UNIX platforms. Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: http://www-01.ibm.com/support/docview.wss?uid=swg21680841 X-Force Database: http://xforce.iss.net/xforce/xfdb/93056

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_elevation_of_privileges_with_version_7_of_embedded_was_affects_identity_insight_cve_2014_3020?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-3020 ,CVE-2014-3069 ,CVE-2014-0224 ,CVE-2014-0453 and CVE-2014-0905.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-08-09

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT