Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2014-0954

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 does not validate JSP includes, which allows remote attackers to obtain sensitive information, bypass intended request-dispatcher access restrictions, or cause a denial of service (memory consumption) via a crafted URL.

  • Published: May 22, 2014
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-0954
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
ibm / websphere_portal 7.0.0.1 7.0.0.1.x
ibm / websphere_portal 7.0.0.2-cf26 7.0.0.2-cf26.x
ibm / websphere_portal 7.0.0.2-cf27 7.0.0.2-cf27.x
ibm / websphere_portal 6.1.5.3-cf27 6.1.5.3-cf27.x
ibm / websphere_portal 8.0.0.1-cf08 8.0.0.1-cf08.x
ibm / websphere_portal 8.0.0.1 8.0.0.1.x
ibm / websphere_portal 7.0.0.2-cf23 7.0.0.2-cf23.x
ibm / websphere_portal 7.0.0.1-cf004 7.0.0.1-cf004.x
ibm / websphere_portal 7.0.0.0 7.0.0.0.x
ibm / websphere_portal 8.0.0.0 8.0.0.0.x
ibm / websphere_portal 6.1.5.1 6.1.5.1.x
ibm / websphere_portal 7.0.0.2-cf017 7.0.0.2-cf017.x
ibm / websphere_portal 7.0.0.2-cf022 7.0.0.2-cf022.x
ibm / websphere_portal 8.0.0.0-cf04 8.0.0.0-cf04.x
ibm / websphere_portal 6.1.5.0 6.1.5.0.x
ibm / websphere_portal 7.0.0.1-cf005 7.0.0.1-cf005.x
ibm / websphere_portal 7.0.0.1-cf006 7.0.0.1-cf006.x
ibm / websphere_portal 7.0.0.0-cf001 7.0.0.0-cf001.x
ibm / websphere_portal 6.1.0.5 6.1.0.5.x
ibm / websphere_portal 6.1.5.3 6.1.5.3.x
ibm / websphere_portal 7.0.0.1-cf003 7.0.0.1-cf003.x
ibm / websphere_portal 7.0.0.2-cf013 7.0.0.2-cf013.x
ibm / websphere_portal 7.0.0.2-cf020 7.0.0.2-cf020.x
ibm / websphere_portal 7.0.0.2-cf019 7.0.0.2-cf019.x
ibm / websphere_portal 8.0.0.1-cf05 8.0.0.1-cf05.x
ibm / websphere_portal 6.1.0.2 6.1.0.2.x
ibm / websphere_portal 8.0.0.1-cf04 8.0.0.1-cf04.x
ibm / websphere_portal 6.1.5.2 6.1.5.2.x
ibm / websphere_portal 7.0.0.2-cf015 7.0.0.2-cf015.x
ibm / websphere_portal 8.0.0.1-cf11 8.0.0.1-cf11.x
ibm / websphere_portal 7.0.0.2-cf012 7.0.0.2-cf012.x
ibm / websphere_portal 6.1.0.1 6.1.0.1.x
ibm / websphere_portal 7.0.0.2-cf018 7.0.0.2-cf018.x
ibm / websphere_portal 8.0.0.0-cf01 8.0.0.0-cf01.x
ibm / websphere_portal 6.1.0.4 6.1.0.4.x
ibm / websphere_portal 7.0.0.2-cf016 7.0.0.2-cf016.x
ibm / websphere_portal 8.0.0.0-cf02 8.0.0.0-cf02.x
ibm / websphere_portal 7.0.0.1-cf019 7.0.0.1-cf019.x
ibm / websphere_portal 8.0.0.1-cf07 8.0.0.1-cf07.x
ibm / websphere_portal 7.0.0.2-cf24 7.0.0.2-cf24.x
ibm / websphere_portal 6.1.0.6-cf27 6.1.0.6-cf27.x
ibm / websphere_portal 8.0.0.1-cf10 8.0.0.1-cf10.x
ibm / websphere_portal 8.0.0.0-cf05 8.0.0.0-cf05.x
ibm / websphere_portal 7.0.0.1-cf009 7.0.0.1-cf009.x
ibm / websphere_portal 7.0.0.1-cf002 7.0.0.1-cf002.x
ibm / websphere_portal 7.0.0.1-cf007 7.0.0.1-cf007.x
ibm / websphere_portal 8.0.0.0-cf03 8.0.0.0-cf03.x
ibm / websphere_portal 7.0.0.1-cf008 7.0.0.1-cf008.x
ibm / websphere_portal 8.0.0.1-cf09 8.0.0.1-cf09.x
ibm / websphere_portal 6.1.0.3 6.1.0.3.x
ibm / websphere_portal 6.1.0.0 6.1.0.0.x
ibm / websphere_portal 7.0.0.2-cf25 7.0.0.2-cf25.x
ibm / websphere_portal 7.0.0.2-cf014 7.0.0.2-cf014.x
ibm / websphere_portal 7.0.0.2 7.0.0.2.x
ibm / websphere_portal 7.0.0.1-cf010 7.0.0.1-cf010.x
ibm / websphere_portal 7.0.0.2-cf021 7.0.0.2-cf021.x
ibm / websphere_portal 6.1.0.6 6.1.0.6.x
ibm / websphere_portal 7.0.0.2-cf011 7.0.0.2-cf011.x