CVE-2014-8887 - Vulnerability Details

IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ibm	Marketing Operations

Configuration 1 [-]

OR	cpe:2.3:a:ibm:marketing_operations:7.2.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.2.0.4:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.2.1.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.2.1.12:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.3.2.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.3.2.1:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.3.2.8:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.4.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.4.0.2:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.4.1.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.4.1.6:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.4.2.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.4.2.7:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.5.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.5.0.1:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.5.2.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.5.2.3:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.5.3.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.5.3.7:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.5.3.8:::::::*
	cpe:2.3:a:ibm:marketing_operations:7.5.3.9:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.0.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.0.0.2:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.1.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.1.0.6:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.1.0.7:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.1.1.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.1.1.4:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.5:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.6:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.7:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.8:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.9:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.10:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.11:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.12:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.2.0.13:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.5.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.5.0.1:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.5.0.2:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.5.0.3:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.5.0.4:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.5.0.5:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.5.0.6:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.5.0.7:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.6.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.6.0.2:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.6.0.3:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.6.0.4:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.6.0.5:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.6.0.6:::::::*
	cpe:2.3:a:ibm:marketing_operations:8.6.0.7:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.0.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.0.0.1:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.0.0.2:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.0.0.3:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.0.0.4:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.1.0.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.1.0.2:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.1.0.3:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.1.0.4:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.1.1.0:::::::*
	cpe:2.3:a:ibm:marketing_operations:9.1.1.1:::::::*

No data.

References

Link	Providers
http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715
http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923
http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455
http://www-01.ibm.com/support/docview.wss?uid=swg21902933

History

No history.

MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2015-06-07T18:00:00

Updated: 2024-08-06T13:33:11.945Z

Reserved: 2014-11-14T00:00:00

Link: CVE-2014-8887

Vulnrichment

No data.

NVD

Status : Modified

Published: 2015-06-07T18:59:02.470

Modified: 2024-11-21T02:19:53.783

Link: CVE-2014-8887

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-05-28T00:00:00", "descriptions": [{"lang": "en", "value": "IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-06-07T18:57:00", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"}, {"name": "PO04455", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"}, {"name": "PO02715", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"}, {"name": "PO03923", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2014-8887", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"}, {"name": "PO04455", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"}, {"name": "PO02715", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"}, {"name": "PO03923", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:33:11.945Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"}, {"name": "PO04455", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"}, {"name": "PO02715", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"}, {"name": "PO03923", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2014-8887", "datePublished": "2015-06-07T18:00:00", "dateReserved": "2014-11-14T00:00:00", "dateUpdated": "2024-08-06T13:33:11.945Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E531A36F-A564-471F-BAD0-D1C5FC85DA3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "DAE23ADE-A03F-4D45-9E38-5CB6BEBEAB49", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE7C4573-F53A-43EF-B440-58034244190D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "6ABAE3AA-4055-4F2B-B8A7-D6C3394B9E88", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "0B71AD86-240D-4979-A77C-33696E4213DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F2F21BD4-DA4A-4136-BA6F-95874B8F8922", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "E34E9484-52FB-4B43-B4F5-8A38521C53A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "537D64AD-E149-4216-B44D-8BA332ABFD9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B341A3E2-4B41-4DEB-808A-91E9ACA72CD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D67C55B1-026B-401F-ACDA-B66005CE32AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "AA042350-E6FA-41F3-919D-9C841758E372", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "455339EF-4E46-49BE-981C-D33B95FC7178", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "67394F9C-E8E5-4D6D-95C3-B6EDE6B3AA22", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "9B9AE915-AF90-4708-8F0C-AA1E5E665B35", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "080925DF-094A-4112-88FD-1D694783E0D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "200D048E-AF6D-4297-BA6F-2B0DE85DC2AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "785007F6-EE19-4656-9308-6E8AF0085301", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB0CF9F4-05B2-4421-BBDD-C1F40207046A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "7D09BD7A-D6A5-4FF7-ADA4-938F3D5C65D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "09BD533F-071B-4B7C-8F5B-00D4DDECFD40", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "98457298-9D1D-42C5-B881-6F44E6491B83", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6354E225-151F-47C4-9F09-8C8A48EBE0C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "B72D0B99-6EBF-4C26-BF10-386D6E85697F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6D287267-07BB-4C69-8D45-BEB037A43C6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "B011552F-ABB0-444A-9D29-007959F675E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "1BC7CE4C-AB66-44F2-8C68-7EBBB5EF5D30", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "73EAB8BC-D328-433E-96A6-45D0E7DA22E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "C4A96506-150B-42AE-AECF-1B113711BD6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE31DEBA-4EE0-41E3-9AEA-598F16508CF0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "98E7EE0B-8C30-40E5-B13E-4372F544EA3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "5BAFA92D-5945-4C63-B1C7-D7E7382C91E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "9D7F1AFD-EABC-4F3B-AB7D-9A7646A128EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "9EBB9FB2-A887-48B1-BBA1-6433D3C4B349", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "675ED36E-E604-47A0-9D25-1E226B34C60A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "3D201D6C-B4C1-4F70-9E2C-F9DD66C6365E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "264A3344-3C67-469D-B66B-7DF224C5CC5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "318EA510-B8F7-4D7F-885B-6587AE254331", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "B0464BC7-9657-45DC-BFAD-70DC752FCFAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "12292141-84D2-4FF9-A876-30D5382E7F30", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2C7723EF-F236-44CD-801E-55C970AD552F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "D34A3430-1BEA-4EDF-9315-B15322847334", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CBBA46AE-5D4A-4CA8-8F5B-34E8F38D21FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "6362AAC2-5A15-4717-A426-29F395355EC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "51F99258-65C2-4DB6-A4E1-AB07C728AA53", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "8D06F9F7-1560-4E2E-B1C6-2A9FD3BBF81C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "BEE7BC6F-74F4-4C04-8821-6907611D5E2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "ACFA73E2-B8C4-494F-B894-D25A024B4559", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "267EDCCE-0448-4868-AA97-5BE82FE406A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "8B2504F5-7DCA-4157-B90A-41372DA27162", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "2BF2E40C-7147-4C73-BCDE-3C741C863902", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "3DFD3BE6-92D9-423F-A4EE-4117DCE08B75", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "8BC7AD7A-258D-4BF4-8E79-F9D604B7AB3D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "D8836B46-251D-4A64-94EF-EF87A995A047", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "E41E05D9-5E80-42F3-B7A3-C1933EB5D873", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B74EB5EB-608A-4941-B3C9-230980EF326F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E2EB5394-A456-40F3-9139-AA547708DB4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "9D3A26D4-5FD5-4420-A181-D7589C4642C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B352CB2F-69D3-4D84-B995-5EAD31369624", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AB557416-74AD-4E44-8440-1DEBD90AEC2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "431A59C0-0E34-4F1D-91B4-999D32933E6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "32B2C3DF-6B89-4DA7-9348-DDA33F1ECC82", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "47C6D490-4BDD-4A77-9D76-CB31E5E2B8A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0EDBAC4E-8904-4DD0-9833-B2295E3A5511", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4898B8CF-2FD9-4339-B765-574703BA2A18", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors."}, {"lang": "es", "value": "IBM Marketing Operations 7.x y 8.x anterior a 8.5.0.7.2, 8.6.x anterior a 8.6.0.8, 9.0.x anterior a 9.0.0.4.1, 9.1.0.x anterior a 9.1.0.5, y 9.1.1.x anterior a 9.1.1.2 permite a usuarios remotos autenticados subir ficheros GIFAR arbitrarios, y como consecuencia modificar datos, a trav\u00e9s de vectores no especificados."}], "id": "CVE-2014-8887", "lastModified": "2024-11-21T02:19:53.783", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-06-07T18:59:02.470", "references": [{"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"}, {"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"}, {"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object