CyberSec.Space Logo
返回 CVE 浏览器

CVE-2014-6151

LOW
3.5
CVSS Severity Score
EPSS Score0.1620%
EPSS Percentile13.48th
Published2014年10月25日
Last Modified2026年5月6日

Vulnerability Description

CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Affected Platforms (CPE)

📦
Ibm

Tivoli Integrated Portal

= 2.1
📦
Ibm

Tivoli Integrated Portal

= 2.2

References & Advisories

🔗 http://secunia.com/advisories/61899
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21687541
🔗 http://www.securityfocus.com/bid/70727
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/97033
🔗 http://secunia.com/advisories/61899
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21687541

相关漏洞威胁

CVE-2011-073210.0

Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1...

CVE-2014-30206.9

install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 s...

CVE-2011-13206.8

The Security component in IBM WebSphere Application Server (WAS) 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15, when the Tivoli ...

CVE-2016-03035.4

Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to injec...