NVD

Id
31291  
Name
CVE-2014-3012  
Description
Multiple CRLF injection vulnerabilities in IBM Curam Social Program Management 5.2 SP1 through 6.0.5.4 allow remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified parameters to custom JSPs.  
Reject
 
CVSS Version
2  
CVSS Score
3.5  
Severity
Low  
CVSS Base Score
3.5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:N/I:P/A:N)  
Pub Date
2017-01-19  
Published
2014-06-18  
Modified Date
2014-06-21  
Seq
2014-3012  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
163918 31291 CVE-2014-3012 http://www-01.ibm.com/support/docview.wss?uid=swg21675454  View
163919 31291 CVE-2014-3012 ibm-curam-cve20143012-crlf-injection(93010)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
14105 JVNDB-2014-002980 IBM Curam Social Program Management における CRLF インジェクションの脆弱性 IBM Curam Social Program Management には、CRLF インジェクションの脆弱性が存在します。 CVE-2014-3012 70299 CVE-2014-3012 31291 3.5 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002980.html 2014-06-09 2014-06-20 View