CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-6153

The Web UI in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x through 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x through 7.5.0.4, 8.0.x before 8.0.0.3, and 8.5.x before 8.5.0.1 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.7%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2014-6153

Ibm » Websphere Service Registry And Repository » Version: 6.3.0

cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0
Ibm » Websphere Service Registry And Repository » Version: 6.3.0.1

cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.1
Ibm » Websphere Service Registry And Repository » Version: 6.3.0.2

cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.2
Ibm » Websphere Service Registry And Repository » Version: 6.3.0.3

cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.3
Ibm » Websphere Service Registry And Repository » Version: 6.3.0.4

cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.4
Ibm » Websphere Service Registry And Repository » Version: 6.3.0.5

cpe:2.3:a:ibm:websphere_service_registry_and_repository:6.3.0.5
Ibm » Websphere Service Registry And Repository » Version: 7.0.0

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0
Ibm » Websphere Service Registry And Repository » Version: 7.0.0.1

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.1
Ibm » Websphere Service Registry And Repository » Version: 7.0.0.2

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.2
Ibm » Websphere Service Registry And Repository » Version: 7.0.0.3

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.3
Ibm » Websphere Service Registry And Repository » Version: 7.0.0.4

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.4
Ibm » Websphere Service Registry And Repository » Version: 7.0.0.5

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.0.0.5
Ibm » Websphere Service Registry And Repository » Version: 7.5.0.0

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.0
Ibm » Websphere Service Registry And Repository » Version: 7.5.0.1

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.1
Ibm » Websphere Service Registry And Repository » Version: 7.5.0.2

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.2
Ibm » Websphere Service Registry And Repository » Version: 7.5.0.3

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.3
Ibm » Websphere Service Registry And Repository » Version: 7.5.0.4

cpe:2.3:a:ibm:websphere_service_registry_and_repository:7.5.0.4
Ibm » Websphere Service Registry And Repository » Version: 8.0

cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0
Ibm » Websphere Service Registry And Repository » Version: 8.0.0.1

cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0.0.1
Ibm » Websphere Service Registry And Repository » Version: 8.0.0.2

cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.0.0.2
Ibm » Websphere Service Registry And Repository » Version: 8.5

cpe:2.3:a:ibm:websphere_service_registry_and_repository:8.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-6153

Products

Pricing

Contact Us