CVE-2014-6083

IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive cookie information by sniffing the network during an HTTP session.

Published: Dec 18, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-6083
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
ibm / security_access_manager_for_web	8.0	8.0.x
ibm / security_access_manager_for_web	7.0	7.0.x
ibm / security_access_manager_for_mobile	8.0	8.0.x

http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581
http://www-01.ibm.com/support/docview.wss?uid=swg21684475
https://exchange.xforce.ibmcloud.com/vulnerabilities/95810

Vulnerability Database

289,697

CVE-2014-6083