Vulnerability Description
The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Security Access Manager For Web 7.0 Firmware | 7.0.0.0 |
| Ibm | Security Access Manager For Web Appliance | 7.0 |
| Ibm | Security Access Manager For Web 8.0 Firmware | 8.0.0.2 |
| Ibm | Security Access Manager For Mobile 8.0 Firmware | 8.0.0.0 |
| Ibm | Security Access Manager For Mobile Appliance | 8.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/61278
- http://secunia.com/advisories/61294
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919
- http://www-01.ibm.com/support/docview.wss?uid=swg21684466PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95573
- http://secunia.com/advisories/61278
- http://secunia.com/advisories/61294
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV64910
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV64919
- http://www-01.ibm.com/support/docview.wss?uid=swg21684466PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95573
FAQ
What is CVE-2014-4823?
CVE-2014-4823 is a vulnerability with a CVSS score of 10.0 (HIGH). The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-...
How severe is CVE-2014-4823?
CVE-2014-4823 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-4823?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Security Access Manager For Web 7.0 Firmware, Ibm Security Access Manager For Web Appliance, Ibm Security Access Manager For Web 8.0 Firmware, Ibm Security Access Manager For Mobile 8.0 Firmware, Ibm Security Access Manager For Mobile Appliance.