CVE-2014-4804

IBM Curam <6.0.5.5 - Info Disclosure

Title source: llm
STIX 2.1

Description

Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95306
Patch, Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21695931

Scores

EPSS 0.0107
EPSS Percentile 60.7%

Details

CWE
CWE-200
Status published
Products (5)
ibm/curam_social_program_management 6.0 sp2
ibm/curam_social_program_management 6.0.4.5
ibm/curam_social_program_management 6.0.5.4
ibm/curam_social_program_management 6.0.5.5
ibm/curam_social_program_management < 5.2
Published Feb 14, 2015
Tracked Since Feb 18, 2026