Vulnerability Details CVE-2014-0963
The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.5%
CVSS Severity
CVSS v2 Score 7.1
References
- http://secunia.com/advisories/58845
- http://secunia.com/advisories/59245
- http://secunia.com/advisories/59249
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660
- http://www-01.ibm.com/support/docview.wss?uid=swg21672192
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092
- http://www-304.ibm.com/support/docview.wss?uid=swg21680803
- http://www.ibm.com/support/docview.wss?uid=swg21675496
- http://www.securityfocus.com/bid/67238
- http://www.securitytracker.com/id/1030707
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92844
- http://secunia.com/advisories/58845
- http://secunia.com/advisories/59245
- http://secunia.com/advisories/59249
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV59660
- http://www-01.ibm.com/support/docview.wss?uid=swg21672192
- http://www-01.ibm.com/support/docview.wss?uid=swg21676091
- http://www-01.ibm.com/support/docview.wss?uid=swg21676092
- http://www-304.ibm.com/support/docview.wss?uid=swg21680803
- http://www.ibm.com/support/docview.wss?uid=swg21675496
- http://www.securityfocus.com/bid/67238
- http://www.securitytracker.com/id/1030707
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92844
Products affected by CVE-2014-0963
-
cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0
-
cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0
-
cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0
-
cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0