Vulnerability Details CVE-2014-6087
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak algorithm in an SSL cipher suite.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.9%
CVSS Severity
CVSS v2 Score 5.0
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581
- http://www-01.ibm.com/support/docview.wss?uid=swg21684475
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95813
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581
- http://www-01.ibm.com/support/docview.wss?uid=swg21684475
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95813
Products affected by CVE-2014-6087
-
cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0
-
cpe:2.3:a:ibm:security_access_manager_for_web:7.0
-
cpe:2.3:a:ibm:security_access_manager_for_web:8.0