Vulnerability Description
IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed virtual machine.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Pureapplication System | 1.0.0.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/59254
- http://www-01.ibm.com/support/docview.wss?uid=swg21675216Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92743
- http://secunia.com/advisories/59254
- http://www-01.ibm.com/support/docview.wss?uid=swg21675216Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92743
FAQ
What is CVE-2014-0960?
CVE-2014-0960 is a vulnerability with a CVSS score of 6.6 (MEDIUM). IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed v...
How severe is CVE-2014-0960?
CVE-2014-0960 has been rated MEDIUM with a CVSS base score of 6.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-0960?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Pureapplication System.