Vulnerability Description
IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote attackers to obtain potentially sensitive information by visiting an unspecified JSP diagnostic page.
CVSS Score
5.0
MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Business Process Manager | 8.5.0.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/60614
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR50760PatchVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21679976PatchVendor Advisory
- http://www.securitytracker.com/id/1030666
- https://exchange.xforce.ibmcloud.com/vulnerabilities/93822
- http://secunia.com/advisories/60614
- http://www-01.ibm.com/support/docview.wss?uid=swg1JR50760PatchVendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21679976PatchVendor Advisory
- http://www.securitytracker.com/id/1030666
- https://exchange.xforce.ibmcloud.com/vulnerabilities/93822
FAQ
What is CVE-2014-3076?
CVE-2014-3076 is a vulnerability with a CVSS score of 5.0 (MEDIUM). IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote attackers to obtain potentially sensitive information by visiting an unspecified JSP diagnostic page.
How severe is CVE-2014-3076?
CVE-2014-3076 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-3076?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Business Process Manager.