CVE-2014-6088

IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to obtain sensitive information by sniffing the network during use of the null SSL cipher.

Published: Dec 18, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-6088
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
ibm / security_access_manager_for_web	8.0	8.0.x
ibm / security_access_manager_for_web	7.0	7.0.x
ibm / security_access_manager_for_mobile	8.0	8.0.x

http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358
http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581
http://www-01.ibm.com/support/docview.wss?uid=swg21684475
https://exchange.xforce.ibmcloud.com/vulnerabilities/95860

Vulnerability Database

289,697

CVE-2014-6088