CVE-2014-6193

Published: Dec 19, 2014Modified: May 6, 2026

4.9

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:P

Exploitability: 6.8 / Impact: 4.9

Source: NVD

Description

IBM WebSphere Portal 8.0.0 through 8.0.0.1 CF14 and 8.5.0 before CF04, when the Managed Pages setting is enabled, allows remote authenticated users to write to pages via an XML injection attack.

Affected (3)

Products: Ibm: Websphere Portal

Ibm

1 product

Websphere Portal

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Websphere Portal	Version 8.0.0.0
Ibm Websphere Portal	Version 8.0.0.1
Ibm Websphere Portal	Version 8.5.0.0

References (6)

http://www-01.ibm.com/support/docview.wss?uid=swg1PI28699

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21692107

Source: psirt@us.ibm.com

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/98567

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg1PI28699

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=swg21692107

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/98567

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.