CVE-2014-6084

IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 make it easier for remote attackers to obtain sensitive information by sniffing the network during use of a weak SSL cipher.

Published: Dec 18, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-6084
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-310

Affected Software
References

Software	From	Fixed in
ibm / security_access_manager_for_mobile	8.0	8.0.x
ibm / security_access_manager_for_web	8.0	8.0.x
ibm / security_access_manager_for_web	7.0	7.0.x

http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581
http://www-01.ibm.com/support/docview.wss?uid=swg21684475
https://exchange.xforce.ibmcloud.com/vulnerabilities/95811

Vulnerability Database

289,697

CVE-2014-6084