CVE-2014-3053
Last modified
CVE-2014-3053 is a vulnerability of currently unknown severity. The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.. EPSS estimates a 1.37% chance of exploitation in the next 30 days.
Description
The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Security Access Manager For Web 8.0 Firmware | 8.0.0.2 |
| Ibm | Security Access Manager For Web 8.0 Firmware | 8.0.0.3 |
| Ibm | Security Access Manager For Web Appliance | 8.0 |
| Ibm | Security Access Manager For Mobile Software | 8.0 |
| Ibm | Security Access Manager For Web Software | 7.0 |
| Ibm | Security Access Manager For Web Software | 8.0 |
| Ibm | Security Access Manager For Mobile Appliance | 8.0 |
| Ibm | Security Access Manager For Web Appliance | 7.0 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21676700Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21676700Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-3053?
How severe is CVE-2014-3053?
How do I fix CVE-2014-3053?
Are you affected by CVE-2014-3053?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST