Vulnerability Description
IBM WebSphere Commerce 6.0 Feature Pack 2 through Feature Pack 5, 7.0.0.0 through 7.0.0.8, and 7.0 Feature Pack 1 through Feature Pack 7 allows remote attackers to cause a denial of service (resource consumption and daemon crash) via a malformed id parameter in a request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Commerce | 6.0.0.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR49881
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR49996
- http://www-01.ibm.com/support/docview.wss?uid=swg21671377Vendor Advisory
- http://www.securitytracker.com/id/1030284
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92402
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR49881
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR49996
- http://www-01.ibm.com/support/docview.wss?uid=swg21671377Vendor Advisory
- http://www.securitytracker.com/id/1030284
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92402
FAQ
What is CVE-2014-0943?
CVE-2014-0943 is a vulnerability with a CVSS score of 7.1 (HIGH). IBM WebSphere Commerce 6.0 Feature Pack 2 through Feature Pack 5, 7.0.0.0 through 7.0.0.8, and 7.0 Feature Pack 1 through Feature Pack 7 allows remote attackers to cause a denial of service (resource ...
How severe is CVE-2014-0943?
CVE-2014-0943 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0943?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Commerce.