Vulnerability Details CVE-2014-0960
IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed virtual machine.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.0%
CVSS Severity
CVSS v2 Score 6.6
References
- http://secunia.com/advisories/59254
- http://www-01.ibm.com/support/docview.wss?uid=swg21675216
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92743
- http://secunia.com/advisories/59254
- http://www-01.ibm.com/support/docview.wss?uid=swg21675216
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92743
Products affected by CVE-2014-0960
-
cpe:2.3:a:ibm:pureapplication_system:1.0.0.0
-
cpe:2.3:a:ibm:pureapplication_system:1.0.0.1
-
cpe:2.3:a:ibm:pureapplication_system:1.0.0.2
-
cpe:2.3:a:ibm:pureapplication_system:1.0.0.3
-
cpe:2.3:a:ibm:pureapplication_system:1.0.0.4
-
cpe:2.3:a:ibm:pureapplication_system:1.1.0.0
-
cpe:2.3:a:ibm:pureapplication_system:1.1.0.1
-
cpe:2.3:a:ibm:pureapplication_system:1.1.0.2
-
cpe:2.3:a:ibm:pureapplication_system:1.1.0.3
-
cpe:2.3:a:ibm:pureapplication_system:1.1.0.4