CVE-2014-4761

medium

Description

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/94658

http://www-01.ibm.com/support/docview.wss?uid=swg21684652

http://www-01.ibm.com/support/docview.wss?uid=swg1PI22104

http://secunia.com/advisories/61126

Details

Source: Mitre, NVD

Published: 2014-10-10

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N