CVE-2014-6160

Published: Dec 29, 2014Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

IBM WebSphere Service Registry and Repository (WSRR) 8.5 before 8.5.0.1, when Chrome and WebSEAL are used, does not properly process ServiceRegistryDashboard logout actions, which allows remote attackers to bypass intended access restrictions by leveraging an unattended workstation.

Affected (1)

Products: Ibm: Websphere Service Registry And Repository

1 product

Websphere Service Registry And Repository

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Ibm Websphere Service Registry And Repository	Version 8.5

Running on/with	Platform Versions
Google Chrome	All versions
Ibm Webseal	All versions

Related CWEs

References (6)

http://www-01.ibm.com/support/docview.wss?uid=swg1IV63498

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21693389

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/97709

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg1IV63498

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg21693389

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/97709

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.