Vulnerability Details : CVE-2014-0959
IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote authenticated users to cause a denial of service (infinite loop) via a login redirect.
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-0959
Probability of exploitation activity in the next 30 days: 0.30%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 65 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-0959
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
8.0
|
2.9
|
NIST |
CWE ids for CVE-2014-0959
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-0959
-
http://www-01.ibm.com/support/docview.wss?uid=swg21672572
IBM Security Bulletin: Fixes available for Security Vulnerabilities in IBM WebSphere Portal (Multiple CVEs)Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/92741
IBM WebSphere Portal denial of service CVE-2014-0959 Vulnerability Report
-
http://www-01.ibm.com/support/docview.wss?uid=swg1PI16462
IBM notice: The page you requested cannot be displayed
Products affected by CVE-2014-0959
- cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf002:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf003:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf004:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf005:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf012:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf013:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf014:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf015:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf009:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf011:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf016:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf018:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf01:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf006:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf007:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf008:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf02:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf010:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf017:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf021:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf022:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.0:cf001:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf019:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf019:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf020:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf05:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf04:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf04:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf05:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf03:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf23:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf26:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf27:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf24:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf25:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf07:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf08:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf09:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf10:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf11:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf12:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf27:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf27:*:*:*:*:*:*