CVE-2014-3053

The Local Management Interface (LMI) in IBM Security Access Manager (ISAM) for Mobile 8.0 with firmware 8.0.0.0 through 8.0.0.3 and IBM Security Access Manager for Web 7.0, and 8.0 with firmware 8.0.0.2 and 8.0.0.3, allows remote attackers to bypass authentication via a login action with invalid credentials.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8 UNKNOWN
ADJACENT_NETWORK
LOW
AV:A/AC:L/Au:N/C:C/I:P/A:C
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.2
ibmsecurity_access_manager_for_web_8.0_firmware
8.0.0.3
ibmsecurity_access_manager_for_web_appliance
8.0
ibmsecurity_access_manager_for_mobile_software
8.0
ibmsecurity_access_manager_for_web_software
7.0
ibmsecurity_access_manager_for_web_software
8.0
ibmsecurity_access_manager_for_mobile_appliance
8.0
ibmsecurity_access_manager_for_web_appliance
7.0
ibmsecurity_access_manager_for_web_appliance
8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/59381
http://secunia.com/advisories/59438
http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557
http://www-01.ibm.com/support/docview.wss?uid=swg21676389
http://www-01.ibm.com/support/docview.wss?uid=swg21676700
http://www.securityfocus.com/bid/68132
https://exchange.xforce.ibmcloud.com/vulnerabilities/93501
http://secunia.com/advisories/59381
http://secunia.com/advisories/59438
http://www-01.ibm.com/support/docview.wss?uid=swg1IV61557
http://www-01.ibm.com/support/docview.wss?uid=swg21676389
http://www-01.ibm.com/support/docview.wss?uid=swg21676700
http://www.securityfocus.com/bid/68132
https://exchange.xforce.ibmcloud.com/vulnerabilities/93501