CVE-2014-0954

Published: May 22, 2014Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 does not validate JSP includes, which allows remote attackers to obtain sensitive information, bypass intended request-dispatcher access restrictions, or cause a denial of service (memory consumption) via a crafted URL.

Affected (58)

Products: Ibm: Websphere Portal

Ibm

1 product

Websphere Portal

Configuration A

58 vulnerable

Vulnerable Software	Affected Versions
Ibm Websphere Portal	Version 6.1.0.0
Ibm Websphere Portal	Version 6.1.0.1
Ibm Websphere Portal	Version 6.1.0.2
Ibm Websphere Portal	Version 6.1.0.3
Ibm Websphere Portal	Version 6.1.0.4
Ibm Websphere Portal	Version 6.1.0.5
Ibm Websphere Portal	Version 6.1.0.6
Ibm Websphere Portal	Version 6.1.0.6 cf27
Ibm Websphere Portal	Version 6.1.5.0
Ibm Websphere Portal	Version 6.1.5.1
Ibm Websphere Portal	Version 6.1.5.2
Ibm Websphere Portal	Version 6.1.5.3
Ibm Websphere Portal	Version 6.1.5.3 cf27
Ibm Websphere Portal	Version 7.0.0.0
Ibm Websphere Portal	Version 7.0.0.0 cf001
Ibm Websphere Portal	Version 7.0.0.1
Ibm Websphere Portal	Version 7.0.0.1 cf002
Ibm Websphere Portal	Version 7.0.0.1 cf003
Ibm Websphere Portal	Version 7.0.0.1 cf004
Ibm Websphere Portal	Version 7.0.0.1 cf005
Ibm Websphere Portal	Version 7.0.0.1 cf006
Ibm Websphere Portal	Version 7.0.0.1 cf007
Ibm Websphere Portal	Version 7.0.0.1 cf008
Ibm Websphere Portal	Version 7.0.0.1 cf009
Ibm Websphere Portal	Version 7.0.0.1 cf010
Ibm Websphere Portal	Version 7.0.0.1 cf019
Ibm Websphere Portal	Version 7.0.0.2
Ibm Websphere Portal	Version 7.0.0.2 cf011
Ibm Websphere Portal	Version 7.0.0.2 cf012
Ibm Websphere Portal	Version 7.0.0.2 cf013
Ibm Websphere Portal	Version 7.0.0.2 cf014
Ibm Websphere Portal	Version 7.0.0.2 cf015
Ibm Websphere Portal	Version 7.0.0.2 cf016
Ibm Websphere Portal	Version 7.0.0.2 cf017
Ibm Websphere Portal	Version 7.0.0.2 cf018
Ibm Websphere Portal	Version 7.0.0.2 cf019
Ibm Websphere Portal	Version 7.0.0.2 cf020
Ibm Websphere Portal	Version 7.0.0.2 cf021
Ibm Websphere Portal	Version 7.0.0.2 cf022
Ibm Websphere Portal	Version 7.0.0.2 cf23
Ibm Websphere Portal	Version 7.0.0.2 cf24
Ibm Websphere Portal	Version 7.0.0.2 cf25
Ibm Websphere Portal	Version 7.0.0.2 cf26
Ibm Websphere Portal	Version 7.0.0.2 cf27
Ibm Websphere Portal	Version 8.0.0.0
Ibm Websphere Portal	Version 8.0.0.0 cf01
Ibm Websphere Portal	Version 8.0.0.0 cf02
Ibm Websphere Portal	Version 8.0.0.0 cf03
Ibm Websphere Portal	Version 8.0.0.0 cf04
Ibm Websphere Portal	Version 8.0.0.0 cf05
Ibm Websphere Portal	Version 8.0.0.1
Ibm Websphere Portal	Version 8.0.0.1 cf04
Ibm Websphere Portal	Version 8.0.0.1 cf05
Ibm Websphere Portal	Version 8.0.0.1 cf07
Ibm Websphere Portal	Version 8.0.0.1 cf08
Ibm Websphere Portal	Version 8.0.0.1 cf09
Ibm Websphere Portal	Version 8.0.0.1 cf10
Ibm Websphere Portal	Version 8.0.0.1 cf11