CVE-2014-0865

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:algo_credit_limits:4.5.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:algo_credit_limits:4.7.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:algorithmics:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-07-07 11:01

Updated : 2024-02-04 18:35


NVD link : CVE-2014-0865

Mitre link : CVE-2014-0865

CVE.ORG link : CVE-2014-0865


JSON object : View

Products Affected

ibm

  • algorithmics
  • algo_credit_limits
CWE
CWE-20

Improper Input Validation