1. Home
  2. CVE Database
  3. CVE-2014-0868
MEDIUM · 4.9

CVE-2014-0868

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intende...

Vulnerability Description

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via a crafted XML document, as demonstrated by manipulation of read-only limit data.

CVSS Score

4.9

MEDIUM

AV:N/AC:M/Au:S/C:N/I:P/A:P
Confidentiality
NONE
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
IbmAlgo Credit Limits4.5.0
IbmAlgorithmics-

Related Weaknesses (CWE)

CWE-20

References

FAQ

What is CVE-2014-0868?

CVE-2014-0868 is a vulnerability with a CVSS score of 4.9 (MEDIUM). RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intende...

How severe is CVE-2014-0868?

CVE-2014-0868 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-0868?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Algo Credit Limits, Ibm Algorithmics.