Vulnerabilities > CVE-2014-6098 - Credentials Management vulnerability in IBM Security Identity Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
IBM Security Identity Manager 6.x before 6.0.0.3 IF14 allows remote attackers to discover cleartext passwords via a crafted request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Common Weakness Enumeration (CWE)
References
- http://secunia.com/advisories/62363
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV66496
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV66624
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV66635
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV66637
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV66642
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV66645
- http://www-01.ibm.com/support/docview.wss?uid=swg21689779
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95961