CVE-2014-3012 in Curam Social Program Managementinfo

Summary

Multiple CRLF injection vulnerabilities in IBM Curam Social Program Management 5.2 SP1 through 6.0.5.4 allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified parameters to custom JSPs.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

04/29/2014

Disclosure

06/18/2014

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-93 (Confirmed)

CVSS

3.5

EPSS

0.00173

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-3012
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-3012
CVE Details	https://www.cvedetails.com/cve/CVE-2014-3012/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!