Short Name |
HTTP:MISC:IBM-CRDIT-LMT-BYPAS |
---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
IBM Algo Credit Limits CVE-2014-0867 Security Bypass |
Release Date |
2015/02/04 |
Update Number |
2463 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against IBM. A successful exploit can result in a sensitive data modification.
rcore6/main/addcookie.jsp in RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows remote attackers to create or modify cookies via the query string.