Vulnerability Details : CVE-2014-3073
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.
Vulnerability category: Execute code
Products affected by CVE-2014-3073
- cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_access_manager_for_mobile_software:8.0:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3073
1.64%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3073
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2014-3073
-
http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563
IBM notice: The page you requested cannot be displayed
-
http://www-01.ibm.com/support/docview.wss?uid=swg21676699
IBM Security Bulletin: IBM Security Access Manager for Mobile and IBM Security Access Manager for Web appliances - Remote Code Execution (CVE-2014-3073)Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/93790
IBM Security Access Manager for Mobile and IBM Security Access Manager for Web appliances - Remote Code Execution CVE-2014-3073 Vulnerability Report
-
http://www.securityfocus.com/bid/68137
IBM Security Access Manager CVE-2014-3073 Remote Code Execution Vulnerability
Jump to