CVE-2014-3076

Published: Aug 11, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

IBM Business Process Manager (BPM) 8.5 through 8.5.5 allows remote attackers to obtain potentially sensitive information by visiting an unspecified JSP diagnostic page.

Affected (3)

Products: Ibm: Business Process Manager

Ibm

1 product

Business Process Manager

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Business Process Manager	Version 8.5.0.0
Ibm Business Process Manager	Version 8.5.0.1
Ibm Business Process Manager	Version 8.5.5.0

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

http://secunia.com/advisories/60614

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg1JR50760

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21679976

Source: psirt@us.ibm.com

PatchVendor Advisory

http://www.securitytracker.com/id/1030666

Source: psirt@us.ibm.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/93822

Source: psirt@us.ibm.com

http://secunia.com/advisories/60614