CVE-2014-2600 — MEDIUM (4.0)

Vulnerability Description

Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users to cause a denial of service via unknown vectors.

CVSS Score

4.0

MEDIUM

AV:N/AC:L/Au:S/C:N/I:N/A:P

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Hp	Icewall Identity Manager	4.0
Hp	Icewall Sso Password Reset Option	10.0

References

http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?dVendor Advisory
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?dVendor Advisory

FAQ

What is CVE-2014-2600?

CVE-2014-2600 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users t...

How severe is CVE-2014-2600?

CVE-2014-2600 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-2600?

Check the references section above for vendor advisories and patch information. Affected products include: Hp Icewall Identity Manager, Hp Icewall Sso Password Reset Option.