Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-4761

Опубликовано: 10 окт. 2014
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf17:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf18:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf19:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf20:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf21:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf22:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf23:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf24:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf25:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf26:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.0.6:cf27:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf17:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf18:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf19:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf20:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf21:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf22:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf23:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf24:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf25:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf26:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:6.1.5.3:cf27:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.0:cf001:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf002:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf003:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf004:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf005:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf006:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf007:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf008:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf009:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf010:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.1:cf019:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf011:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf012:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf013:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf014:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf015:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf016:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf017:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf018:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf019:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf020:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf021:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf022:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf23:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf24:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf25:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf26:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf27:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:7.0.0.2:cf28:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf01:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf02:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf03:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf04:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf05:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf04:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf05:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf06:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf07:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf08:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf09:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf12:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf13:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.5.0.0:cf01:*:*:*:*:*:*
cpe:2.3:a:ibm:websphere_portal:8.5.0.0:cf02:*:*:*:*:*:*

EPSS

Процентиль: 45%
0.00226
Низкий

4 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

github логотип

GHSA-3fpf-fcfr-3q46

github
больше 3 лет назад

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code.

EPSS

Процентиль: 45%
0.00226
Низкий

4 Medium

CVSS2

Дефекты

CWE-200