CVE-2014-4761

MEDIUM

Description

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, 8.0 before 8.0.0.1 CF14, and 8.5.0 through 8.5.0.0 CF02 allows remote authenticated users to discover credentials by reading HTML source code.

References

http://secunia.com/advisories/61126

http://www-01.ibm.com/support/docview.wss?uid=swg1PI22104

http://www-01.ibm.com/support/docview.wss?uid=swg21684652

https://exchange.xforce.ibmcloud.com/vulnerabilities/94658

Details

Source: MITRE

Published: 2014-10-10

Updated: 2017-08-29

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 4

Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM