CVE-2014-0867
First published: Mon Jul 07 2014(Updated: )
rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Algo Credit Limits | =4.5.0 | |
| IBM Algo Credit Limits | =4.7.0 | |
| IBM Algorithmics |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html
- http://seclists.org/fulldisclosure/2014/Jun/173
- http://www-01.ibm.com/support/docview.wss?uid=swg21675881
- http://www.securityfocus.com/archive/1/532598/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90941
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt
- collector/nvd-index
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/softwarecombine
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/ibm
- canonical/ibm algo credit limits
- version/ibm algo credit limits/4.5.0
- version/ibm algo credit limits/4.7.0
- canonical/ibm algorithmics