Vulnerability Details : CVE-2014-6193
IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, when the Managed Pages setting is enabled, allows remote authenticated users to write to pages via an XML injection attack.
Products affected by CVE-2014-6193
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.5.0.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-6193
0.34%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 54 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-6193
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.9
|
MEDIUM | AV:N/AC:M/Au:S/C:N/I:P/A:P |
6.8
|
4.9
|
NIST |
References for CVE-2014-6193
-
http://www-01.ibm.com/support/docview.wss?uid=swg1PI28699
IBM notice: The page you requested cannot be displayed
-
http://www-01.ibm.com/support/docview.wss?uid=swg21692107
IBM Security Bulletin: Fixes available for Security Vulnerabilities in IBM WebSphere Portal (CVE-2014-6171, CVE-2014-6193, CVE-2014-8902)Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/98567
IBM WebSphere Portal XML injection CVE-2014-6193 Vulnerability Report
Jump to