What is the severity of CVE-2014-0961?

CVE-2014-0961 has been classified as a medium severity vulnerability due to its potential impact on user authentication.

How do I fix CVE-2014-0961?

To fix CVE-2014-0961, you should apply the latest patches provided by IBM for affected versions of IBM Tivoli Identity Manager and IBM Security Identity Manager.

Which versions are affected by CVE-2014-0961?

CVE-2014-0961 affects IBM Tivoli Identity Manager versions before 5.0.0.15 and 5.1.0.15, and IBM Security Identity Manager versions before 6.0.0.2.

What type of vulnerability is CVE-2014-0961?

CVE-2014-0961 is a Cross-site Request Forgery (CSRF) vulnerability that allows remote authenticated users to hijack the authentication of other users.

What are the consequences of CVE-2014-0961?

If exploited, CVE-2014-0961 can lead to unauthorized actions taken in the context of an authenticated user, potentially compromising sensitive data.

Vulnerability/
CVE-2014-0961

medium

CWE

352 79

8/6/2014

6/8/2024

CVE-2014-0961: CSRF

First published: Sun Jun 08 2014(Updated: )

Cross-site request forgery (CSRF) vulnerability in IBM Tivoli Identity Manager (ITIM) 5.0 before 5.0.0.15 and 5.1 before 5.1.0.15 and IBM Security Identity Manager (ISIM) 6.0 before 6.0.0.2 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Security Identity Manager	=6.0.0
IBM Security Identity Manager	=6.0.0.1
IBM Tivoli Identity Manager	=5.0.0
IBM Tivoli Identity Manager	=5.0.0.6
IBM Tivoli Identity Manager	=5.0.0.10
IBM Tivoli Identity Manager	=5.0.0.11
IBM Tivoli Identity Manager	=5.0.0.12
IBM Tivoli Identity Manager	=5.0.0.13
IBM Tivoli Identity Manager	=5.0.0.14
IBM Tivoli Identity Manager	=5.1.0
IBM Tivoli Identity Manager	=5.1.0.3
IBM Tivoli Identity Manager	=5.1.0.4
IBM Tivoli Identity Manager	=5.1.0.5
IBM Tivoli Identity Manager	=5.1.0.6
IBM Tivoli Identity Manager	=5.1.0.7
IBM Tivoli Identity Manager	=5.1.0.8
IBM Tivoli Identity Manager	=5.1.0.9
IBM Tivoli Identity Manager	=5.1.0.10
IBM Tivoli Identity Manager	=5.1.0.11
IBM Tivoli Identity Manager	=5.1.0.12
IBM Tivoli Identity Manager	=5.1.0.13
IBM Tivoli Identity Manager	=5.1.0.14

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-0961?
CVE-2014-0961 has been classified as a medium severity vulnerability due to its potential impact on user authentication.
How do I fix CVE-2014-0961?
To fix CVE-2014-0961, you should apply the latest patches provided by IBM for affected versions of IBM Tivoli Identity Manager and IBM Security Identity Manager.
Which versions are affected by CVE-2014-0961?
CVE-2014-0961 affects IBM Tivoli Identity Manager versions before 5.0.0.15 and 5.1.0.15, and IBM Security Identity Manager versions before 6.0.0.2.
What type of vulnerability is CVE-2014-0961?
CVE-2014-0961 is a Cross-site Request Forgery (CSRF) vulnerability that allows remote authenticated users to hijack the authentication of other users.
What are the consequences of CVE-2014-0961?
If exploited, CVE-2014-0961 can lead to unauthorized actions taken in the context of an authenticated user, potentially compromising sensitive data.

collector/nvd-index
agent/references
agent/weakness
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/severity
agent/author
agent/tags
agent/description
agent/first-publish-date
agent/event
agent/source
vendor/ibm
canonical/ibm security identity manager
version/ibm security identity manager/6.0.0
version/ibm security identity manager/6.0.0.1
canonical/ibm tivoli identity manager
version/ibm tivoli identity manager/5.0.0
version/ibm tivoli identity manager/5.0.0.6
version/ibm tivoli identity manager/5.0.0.10
version/ibm tivoli identity manager/5.0.0.11
version/ibm tivoli identity manager/5.0.0.12
version/ibm tivoli identity manager/5.0.0.13
version/ibm tivoli identity manager/5.0.0.14
version/ibm tivoli identity manager/5.1.0
version/ibm tivoli identity manager/5.1.0.3
version/ibm tivoli identity manager/5.1.0.4
version/ibm tivoli identity manager/5.1.0.5
version/ibm tivoli identity manager/5.1.0.6
version/ibm tivoli identity manager/5.1.0.7
version/ibm tivoli identity manager/5.1.0.8
version/ibm tivoli identity manager/5.1.0.9
version/ibm tivoli identity manager/5.1.0.10
version/ibm tivoli identity manager/5.1.0.11
version/ibm tivoli identity manager/5.1.0.12
version/ibm tivoli identity manager/5.1.0.13
version/ibm tivoli identity manager/5.1.0.14