Vulnerabilities > CVE-2014-0867 - Unspecified vulnerability in IBM Algo Credit Limits and Algorithmics
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN ibm
exploit available
Summary
rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities. CVE-2014-0864,CVE-2014-0865,CVE-2014-0866,CVE-2014-0867,CVE-2014-0868,CVE-2014-0869,CVE-2014... |
| id | EDB-ID:33942 |
| last seen | 2016-02-03 |
| modified | 2014-07-01 |
| published | 2014-07-01 |
| reporter | SEC Consult |
| source | https://www.exploit-db.com/download/33942/ |
| title | IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/127304/SA-20140630-0.txt |
| id | PACKETSTORM:127304 |
| last seen | 2016-12-05 |
| published | 2014-06-30 |
| reporter | F. Lukavsky |
| source | https://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html |
| title | IBM Algorithmics RICOS Disclosure / XSS / CSRF |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:87112 |
| last seen | 2017-11-19 |
| modified | 2014-07-02 |
| published | 2014-07-02 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-87112 |
| title | IBM Algorithmics RICOS 4.5.0 - 4.7.0 - Multiple Vulnerabilities |
References
- http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html
- http://packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.html
- http://seclists.org/fulldisclosure/2014/Jun/173
- http://seclists.org/fulldisclosure/2014/Jun/173
- http://www.securityfocus.com/archive/1/532598/100/0/threaded
- http://www.securityfocus.com/archive/1/532598/100/0/threaded
- http://www-01.ibm.com/support/docview.wss?uid=swg21675881
- http://www-01.ibm.com/support/docview.wss?uid=swg21675881
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90941
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90941
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txt