CVE-2014-6084

EUVD-2014-5970
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak SSL cipher.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
Affected Products (NVD)
VendorProductVersion
ibmsecurity_access_manager_for_mobile
8.0
ibmsecurity_access_manager_for_web
7.0
ibmsecurity_access_manager_for_web
8.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581
http://www-01.ibm.com/support/docview.wss?uid=swg21684475
https://exchange.xforce.ibmcloud.com/vulnerabilities/95811
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581
http://www-01.ibm.com/support/docview.wss?uid=swg21684475
https://exchange.xforce.ibmcloud.com/vulnerabilities/95811