Unrated severityNVD Advisory· Published Jul 7, 2014· Updated May 6, 2026

CVE-2014-0865

Description

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.htmlnvd
seclists.org/fulldisclosure/2014/Jun/173nvd
secunia.com/advisories/59296nvd
www-01.ibm.com/support/docview.wssnvd
www.securityfocus.com/archive/1/532598/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/90939nvd
www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txtnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000