What is the severity of CVE-2014-4823?

CVE-2014-4823 is considered a critical vulnerability due to its potential for remote code execution.

How do I fix CVE-2014-4823?

To fix CVE-2014-4823, upgrade IBM Security Access Manager for Web to version 7.0.0-ISS-WGA-IF0009 or 8.0.0-ISS-WGA-FP0005 or higher.

What software is affected by CVE-2014-4823?

CVE-2014-4823 affects IBM Security Access Manager for Web versions 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005.

What types of attacks can CVE-2014-4823 facilitate?

CVE-2014-4823 can facilitate remote command injection attacks, allowing attackers to execute arbitrary system commands.

Who is vulnerable to CVE-2014-4823?

Organizations using affected versions of IBM Security Access Manager for Web or Mobile are vulnerable to CVE-2014-4823.

Vulnerability/
CVE-2014-4823

critical

CWE

3/10/2014

6/8/2024

CVE-2014-4823: OS Command Injection

First published: Fri Oct 03 2014(Updated: )

The administration console in IBM Security Access Manager for Web 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005, and Security Access Manager for Mobile 8.x before 8.0.0-ISS-ISAM-FP0005, allows remote attackers to inject system commands via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.0
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.1
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.2
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.3
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.4
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.5
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.6
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.7
IBM Security Access Manager for Web 7.0 Firmware	=7.0.0.8
IBM Security Access Manager for Web appliance	=7.0
IBM Security Access Manager for Web 8.0 firmware	=8.0.0.2
IBM Security Access Manager for Web 8.0 firmware	=8.0.0.3
IBM Security Access Manager for Web 8.0 firmware	=8.0.0.4
IBM Security Access Manager for Web appliance	=8.0
IBM Security Access Manager for Mobile	=8.0.0.0
IBM Security Access Manager for Mobile	=8.0.0.1
IBM Security Access Manager for Mobile	=8.0.0.3
IBM Security Access Manager for Mobile	=8.0.0.4
IBM Security Access Manager for Mobile Appliance	=8.0

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21684466

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-4823?
CVE-2014-4823 is considered a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2014-4823?
To fix CVE-2014-4823, upgrade IBM Security Access Manager for Web to version 7.0.0-ISS-WGA-IF0009 or 8.0.0-ISS-WGA-FP0005 or higher.
What software is affected by CVE-2014-4823?
CVE-2014-4823 affects IBM Security Access Manager for Web versions 7.x before 7.0.0-ISS-WGA-IF0009 and 8.x before 8.0.0-ISS-WGA-FP0005.
What types of attacks can CVE-2014-4823 facilitate?
CVE-2014-4823 can facilitate remote command injection attacks, allowing attackers to execute arbitrary system commands.
Who is vulnerable to CVE-2014-4823?
Organizations using affected versions of IBM Security Access Manager for Web or Mobile are vulnerable to CVE-2014-4823.

agent/references
agent/softwarecombine
agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/weakness
agent/author
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm security access manager for web 7.0 firmware
version/ibm security access manager for web 7.0 firmware/7.0.0.0
version/ibm security access manager for web 7.0 firmware/7.0.0.1
version/ibm security access manager for web 7.0 firmware/7.0.0.2
version/ibm security access manager for web 7.0 firmware/7.0.0.3
version/ibm security access manager for web 7.0 firmware/7.0.0.4
version/ibm security access manager for web 7.0 firmware/7.0.0.5
version/ibm security access manager for web 7.0 firmware/7.0.0.6
version/ibm security access manager for web 7.0 firmware/7.0.0.7
version/ibm security access manager for web 7.0 firmware/7.0.0.8
canonical/ibm security access manager for web appliance
version/ibm security access manager for web appliance/7.0
canonical/ibm security access manager for web 8.0 firmware
version/ibm security access manager for web 8.0 firmware/8.0.0.2
version/ibm security access manager for web 8.0 firmware/8.0.0.3
version/ibm security access manager for web 8.0 firmware/8.0.0.4
version/ibm security access manager for web appliance/8.0
canonical/ibm security access manager for mobile
version/ibm security access manager for mobile/8.0.0.0
version/ibm security access manager for mobile/8.0.0.1
version/ibm security access manager for mobile/8.0.0.3
version/ibm security access manager for mobile/8.0.0.4
canonical/ibm security access manager for mobile appliance
version/ibm security access manager for mobile appliance/8.0