// For flags

CVE-2014-0963

 

Severity Score

7.1
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Reverse Proxy feature in IBM Global Security Kit (aka GSKit) in IBM Security Access Manager (ISAM) for Web 7.0 before 7.0.0-ISS-SAM-IF0006 and 8.0 before 8.0.0.3-ISS-WGA-IF0002 allows remote attackers to cause a denial of service (infinite loop) via crafted SSL messages.

La funcionalidad Reverse Proxy en IBM Global Security Kit (también conocido como GSKit) en IBM Security Access Manager (ISAM) para Web 7.0 anterior a 7.0.0-ISS-SAM-IF0006 y 8.0 anterior a 8.0.0.3-ISS-WGA-IF0002 permite a atacantes remotos causar una denegación de servicio (bucle infinito) a través de mensajes SSL manipulados.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-01-06 CVE Reserved
  • 2014-05-08 CVE Published
  • 2023-12-19 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ibm
Search vendor "Ibm"
Security Access Manager For Web Software
Search vendor "Ibm" for product "Security Access Manager For Web Software"
7.0
Search vendor "Ibm" for product "Security Access Manager For Web Software" and version "7.0"
-
Affected
Ibm
Search vendor "Ibm"
Security Access Manager For Web Software
Search vendor "Ibm" for product "Security Access Manager For Web Software"
8.0
Search vendor "Ibm" for product "Security Access Manager For Web Software" and version "8.0"
-
Affected
Ibm
Search vendor "Ibm"
Security Access Manager For Web Appliance
Search vendor "Ibm" for product "Security Access Manager For Web Appliance"
7.0
Search vendor "Ibm" for product "Security Access Manager For Web Appliance" and version "7.0"
-
Affected
Ibm
Search vendor "Ibm"
Security Access Manager For Web Appliance
Search vendor "Ibm" for product "Security Access Manager For Web Appliance"
8.0
Search vendor "Ibm" for product "Security Access Manager For Web Appliance" and version "8.0"
-
Affected