CVE-2014-0866

IBM Algo Credit Limits 4.5.0-4.7.0 - Cleartext Credential Transmission

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-0866.

AI-analyzed exploit summary This is a detailed security advisory from SEC Consult Vulnerability Lab describing multiple vulnerabilities in IBM Algorithmics RICOS, including CVE-2014-0866. It provides technical details, proof-of-concept examples, and root cause analysis for each vulnerability.

Description

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics sends cleartext credentials over HTTP, which allows remote attackers to obtain sensitive information by sniffing the network.

Exploits (1)

exploitdb WRITEUP
webappsjsp
https://www.exploit-db.com/exploits/33942

This is a detailed security advisory from SEC Consult Vulnerability Lab describing multiple vulnerabilities in IBM Algorithmics RICOS, including CVE-2014-0866. It provides technical details, proof-of-concept examples, and root cause analysis for each vulnerability.

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: IBM Algorithmics RICOS 4.5.0 - 4.7.0
No auth needed
Prerequisites: Network access to the target system
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/532598/100/0/threaded
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21675881
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90940
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Jun/173

Scores

EPSS 0.0549
EPSS Percentile 91.8%

Details

CWE
CWE-310
Status published
Products (3)
ibm/algo_credit_limits 4.5.0
ibm/algo_credit_limits 4.7.0
ibm/algorithmics
Published Jul 07, 2014
Tracked Since Feb 18, 2026