Vulnerability Description
IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, when the Managed Pages setting is enabled, allows remote authenticated users to write to pages via an XML injection attack.
CVSS Score
4.9
MEDIUM
AV:N/AC:M/Au:S/C:N/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Portal | 8.0.0.0 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI28699
- http://www-01.ibm.com/support/docview.wss?uid=swg21692107PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98567
- http://www-01.ibm.com/support/docview.wss?uid=swg1PI28699
- http://www-01.ibm.com/support/docview.wss?uid=swg21692107PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98567
FAQ
What is CVE-2014-6193?
CVE-2014-6193 is a vulnerability with a CVSS score of 4.9 (MEDIUM). IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, when the Managed Pages setting is enabled, allows remote authenticated users to write to pages via an XML injection attack.
How severe is CVE-2014-6193?
CVE-2014-6193 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6193?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Portal.