1. Home
  2. CVE Database
  3. CVE-2014-0871
MEDIUM · 4.3

CVE-2014-0871

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-pr...

Vulnerability Description

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-printing characters in a cookie to the /classes/ URI, as demonstrated by the \x00 character.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:P/I:N/A:N
Confidentiality
PARTIAL
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
IbmAlgo Credit Limits4.5.0
IbmAlgorithmics-

Related Weaknesses (CWE)

CWE-200

References

FAQ

What is CVE-2014-0871?

CVE-2014-0871 is a vulnerability with a CVSS score of 4.3 (MEDIUM). RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to obtain potentially sensitive Tomcat stack-trace information via non-pr...

How severe is CVE-2014-0871?

CVE-2014-0871 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-0871?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Algo Credit Limits, Ibm Algorithmics.