// For flags

CVE-2014-2600

HP Security Bulletin HPSBGN02986

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Unspecified vulnerability in HP IceWall Identity Manager 4.0 through SP1 and 5.0 and IceWall SSO 10.0 Password Reset Option, when Apache Commons FileUpload is used, allows remote authenticated users to cause a denial of service via unknown vectors.

Vulnerabilidad no especificada en HP IceWall Identity Manager 4.0 hasta SP1 y 5.0 y la opción de restablecimiento de contraseña de IceWall SSO 10.0, cuando Apache Commons FileUpload es utilizado, permite a usuarios remotos autenticados causar una denegación de servicio a través de vectores desconocidos.

A potential security vulnerability has been identified with HP IceWall Identity Manager and HP IceWall SSO Password Reset Option Running Apache Commons FileUpload. The vulnerability could be exploited remotely resulting in a Denial of Service (DoS). Revision 1 of this advisory.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-03-24 CVE Reserved
  • 2014-04-05 CVE Published
  • 2024-08-06 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Hp
Search vendor "Hp"
 Icewall Identity Manager
Search vendor "Hp" for product "Icewall Identity Manager"
 4.0
Search vendor "Hp" for product "Icewall Identity Manager" and version "4.0"
-
Affected
Hp
Search vendor "Hp"
 Icewall Identity Manager
Search vendor "Hp" for product "Icewall Identity Manager"
 4.0
Search vendor "Hp" for product "Icewall Identity Manager" and version "4.0"
sp1
Affected
Hp
Search vendor "Hp"
 Icewall Identity Manager
Search vendor "Hp" for product "Icewall Identity Manager"
 5.0
Search vendor "Hp" for product "Icewall Identity Manager" and version "5.0"
-
Affected
Hp
Search vendor "Hp"
 Icewall Sso Password Reset Option
Search vendor "Hp" for product "Icewall Sso Password Reset Option"
 10.0
Search vendor "Hp" for product "Icewall Sso Password Reset Option" and version "10.0"
-
Affected