CVE-2014-6098 : IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to

IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to discover cleartext passwords via a crafted request.

Published 2014-11-18 01:59:03

Updated 2025-04-12 10:46:41

Source IBM Corporation

View at NVD, CVE.org

Products affected by CVE-2014-6098

IBM » Security Identity Manager » Version: 6.0.0.1
cpe:2.3:a:ibm:security_identity_manager:6.0.0.1:*:*:*:*:*:*:*
Matching versions
IBM » Security Identity Manager » Version: 6.0.0.0
cpe:2.3:a:ibm:security_identity_manager:6.0.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Security Identity Manager » Version: 6.0.0.2
cpe:2.3:a:ibm:security_identity_manager:6.0.0.2:*:*:*:*:*:*:*
Matching versions
IBM » Security Identity Manager » Version: 6.0.0.3
cpe:2.3:a:ibm:security_identity_manager:6.0.0.3:*:*:*:*:*:*:*
Matching versions

EPSS FAQ

0.74%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 71 %

Percentile, the proportion of vulnerabilities that are scored at or less

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

Jump to