CVE-2014-4804
Last modified
CVE-2014-4804 is a vulnerability of currently unknown severity. Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page.. EPSS estimates a 1.07% chance of exploitation in the next 30 days.
Description
Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Ibm | Curam Social Program Management | <= 5.2 | Sp6 |
| Ibm | Curam Social Program Management | 6.0 | Sp2 |
| Ibm | Curam Social Program Management | 6.0.4.5 | — |
| Ibm | Curam Social Program Management | 6.0.5.4 | — |
| Ibm | Curam Social Program Management | 6.0.5.5 | — |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-4804?
How severe is CVE-2014-4804?
How do I fix CVE-2014-4804?
Are you affected by CVE-2014-4804?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST