Vulnerability Details : CVE-2014-4756
The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x before 8.1.4.4 allows remote authenticated users to hijack sessions via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2014-4756
Probability of exploitation activity in the next 30 days: 0.16%
Percentile, the proportion of vulnerabilities that are scored at or less: ~51%
CVSS scores for CVE-2014-4756
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
3.5 | LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N | 6.8 | 2.9 | NIST |
References for CVE-2014-4756
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94444
  IBM RLKS Administration and Reporting Tool cross-site scripting CVE-2014-4756 Vulnerability Report
- http://www-01.ibm.com/support/docview.wss?uid=swg21681449
  IBM Security Bulletin: Rational License Key Server Administration and Reporting Tool vulnerability (CVE-2014-0909, CVE-2014-3079 and CVE-2014-4756) (Patch; Vendor Advisory)
- http://secunia.com/advisories/60709
- http://www-01.ibm.com/support/docview.wss?uid=swg24038045
  IBM Rational License Key Server Fix Pack 4 (8.1.4.4) for 8.1.4
- http://www.securityfocus.com/bid/69645
  IBM Rational License Key Server Administration and Reporting Tool Security Vulnerability
Products affected by CVE-2014-4756
- cpe:2.3:a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:*