Vulnerability Description
SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Portal | 7.0.0.0 |
| Ibm | Websphere Portal Unified Task List Portlet | 6.0.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/60499
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI18909
- http://www-01.ibm.com/support/docview.wss?uid=swg21677032Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/93529
- http://secunia.com/advisories/60499
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI18909
- http://www-01.ibm.com/support/docview.wss?uid=swg21677032Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/93529
FAQ
What is CVE-2014-3055?
CVE-2014-3055 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in the Unified Task List (UTL) Portlet for IBM WebSphere Portal 7.x and 8.x through 8.0.0.1 CF12 allows remote attackers to execute arbitrary SQL commands via unspecified v...
How severe is CVE-2014-3055?
CVE-2014-3055 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-3055?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Portal, Ibm Websphere Portal Unified Task List Portlet.