1. Home
  2. CVE Database
  3. CVE-2014-0963
HIGH · 7.1

CVE-2014-0963

The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attac...

Vulnerability Description

The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.

CVSS Score

7.1

HIGH

AV:N/AC:M/Au:N/C:N/I:N/A:C
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE

Affected Products

VendorProductVersions
IbmSecurity Access Manager For Web Software7.0
IbmSecurity Access Manager For Web Appliance7.0

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2014-0963?

CVE-2014-0963 is a vulnerability with a CVSS score of 7.1 (HIGH). The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attac...

How severe is CVE-2014-0963?

CVE-2014-0963 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-0963?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Access Manager For Web Software, Ibm Security Access Manager For Web Appliance.