Description
Multiple serious vulnerabilities have been found in IBM products.
Below is a complete list of vulnerabilities
- Improper WAR applications support in IBM Bluemix can be exploited remotely via unspecified vectors related to Java overlay feature;
- Improper API access restrictions in IBM API management can be exploited remotely via a specially designed API calls;
- Improper TLS state translation in ITDS and ISDS can be exploited remotely via a specially designed TLS traffic;
- Improper query handling in IBM Content Collector can be exploited remotely via a specially designed query;
- Improper trace and log realization in IBM TIMAD and SIMAD can be exploited locally via log reading;
- Lack of password handling restrictions in IBM RAtional ClearCase can be exploited locally via mani0pulations with installation account.
Original advisories
Related products
CVE list
- CVE-2014-8923 warning
- CVE-2015-0138 warning
- CVE-2015-0149 high
- CVE-2015-0146 warning
- CVE-2014-6134 warning
- CVE-2015-0178 warning
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!