Vulnerability Details : CVE-2014-3073
Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2014-3073
Probability of exploitation activity in the next 30 days: 1.81%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 87 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-3073
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2014-3073
-
http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563
IBM notice: The page you requested cannot be displayed
-
http://www-01.ibm.com/support/docview.wss?uid=swg21676699
IBM Security Bulletin: IBM Security Access Manager for Mobile and IBM Security Access Manager for Web appliances - Remote Code Execution (CVE-2014-3073)Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/93790
IBM Security Access Manager for Mobile and IBM Security Access Manager for Web appliances - Remote Code Execution CVE-2014-3073 Vulnerability Report
-
http://www.securityfocus.com/bid/68137
IBM Security Access Manager CVE-2014-3073 Remote Code Execution Vulnerability
Products affected by CVE-2014-3073
- cpe:2.3:a:ibm:security_access_manager_for_web_software:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_access_manager_for_web_software:7.0:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:security_access_manager_for_web_appliance:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:security_access_manager_for_mobile_software:8.0:*:*:*:*:*:*:*
- cpe:2.3:h:ibm:security_access_manager_for_mobile_appliance:8.0:*:*:*:*:*:*:*