CVE-2014-6106

Published: Sep 18, 2017Modified: May 13, 2026

8.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager 5.1, 6.0, and 7.0 allows remote attackers to hijack the authentication of users for requests that can cause cross-site scripting attacks, web cache poisoning, or other unspecified impacts via unknown vectors.

Affected (20)

Products: Ibm: Security Identity Manager

Ibm

1 product

Security Identity Manager

Configuration A

20 vulnerable

Vulnerable Software	Affected Versions
Ibm Security Identity Manager	Version 5.1.0.10
Ibm Security Identity Manager	Version 5.1.0.11
Ibm Security Identity Manager	Version 5.1.0.12
Ibm Security Identity Manager	Version 5.1.0.13
Ibm Security Identity Manager	Version 5.1.0.14
Ibm Security Identity Manager	Version 5.1.0.15
Ibm Security Identity Manager	Version 5.1.0.3
Ibm Security Identity Manager	Version 5.1.0.4
Ibm Security Identity Manager	Version 5.1.0.5
Ibm Security Identity Manager	Version 5.1.0.6
Ibm Security Identity Manager	Version 5.1.0.7
Ibm Security Identity Manager	Version 5.1.0.8
Ibm Security Identity Manager	Version 5.1.0.9
Ibm Security Identity Manager	Version 5.1.0
Ibm Security Identity Manager	Version 6.0.0.0
Ibm Security Identity Manager	Version 6.0.0.1
Ibm Security Identity Manager	Version 6.0.0.2
Ibm Security Identity Manager	Version 6.0.0.3
Ibm Security Identity Manager	Version 6.0.0.4
Ibm Security Identity Manager	Version 7.0.0.0