CVE-2014-6170

EUVD-2014-6056
The HTTPInput node in IBM WebSphere Message Broker 7.0 before 7.0.0.8 and 8.0 before 8.0.0.6 and IBM Integration Bus 9.0 before 9.0.0.4 allows remote attackers to obtain sensitive information by triggering a SOAP fault.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
Affected Products (NVD)
VendorProductVersion
ibmintegration_bus
9.0
ibmintegration_bus
9.0.0.1
ibmintegration_bus
9.0.0.2
ibmintegration_bus
9.0.0.3
ibmwebsphere_message_broker
7.0.
ibmwebsphere_message_broker
7.0.0.1
ibmwebsphere_message_broker
7.0.0.2
ibmwebsphere_message_broker
7.0.0.3
ibmwebsphere_message_broker
7.0.0.4
ibmwebsphere_message_broker
7.0.0.5
ibmwebsphere_message_broker
7.0.0.6
ibmwebsphere_message_broker
7.0.0.7
ibmwebsphere_message_broker
8.0
ibmwebsphere_message_broker
8.0.0.1
ibmwebsphere_message_broker
8.0.0.2
ibmwebsphere_message_broker
8.0.0.3
ibmwebsphere_message_broker
8.0.0.4
ibmwebsphere_message_broker
8.0.0.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IT01929
http://www-01.ibm.com/support/docview.wss?uid=swg21690725
https://exchange.xforce.ibmcloud.com/vulnerabilities/98309
http://www-01.ibm.com/support/docview.wss?uid=swg1IT01929
http://www-01.ibm.com/support/docview.wss?uid=swg21690725
https://exchange.xforce.ibmcloud.com/vulnerabilities/98309