CVE-2014-4804 — MEDIUM (4.3)

Q: How severe is CVE-2014-4804?

CVE-2014-4804 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-4804?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Curam Social Program Management.

Vulnerability Description

Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Ibm	Curam Social Program Management	<= 5.2

Related Weaknesses (CWE)

CWE-200

References

http://www-01.ibm.com/support/docview.wss?uid=swg21695931PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/95306
http://www-01.ibm.com/support/docview.wss?uid=swg21695931PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/95306

FAQ

What is CVE-2014-4804?

CVE-2014-4804 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is...

How severe is CVE-2014-4804?

CVE-2014-4804 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-4804?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Curam Social Program Management.