CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-6151

LOW
3.5
CVSS Severity Score
EPSS Score0.1620%
EPSS Percentile13.48th
Published2014年10月25日
Last Modified2026年5月6日

Vulnerability Description

CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Affected Platforms (CPE)

📦
Ibm

Tivoli Integrated Portal

= 2.1
📦
Ibm

Tivoli Integrated Portal

= 2.2

References & Advisories

🔗 http://secunia.com/advisories/61899
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21687541
🔗 http://www.securityfocus.com/bid/70727
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/97033
🔗 http://secunia.com/advisories/61899
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21687541

関連する脆弱性情報

CVE-2011-073210.0

Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1...

CVE-2014-30206.9

install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 s...

CVE-2011-13206.8

The Security component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when the Tivoli ...

CVE-2016-03035.4

Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to injec...