Unrated severityNVD Advisory· Published Jul 7, 2014· Updated May 6, 2026

CVE-2014-0894

Description

RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics allows context-dependent attackers to discover database credentials by reading the DbUser and DbPass fields in an XML document.

Affected products

IBM/Algo Credit Limits2 versions
cpe:2.3:a:ibm:algo_credit_limits:4.5.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:ibm:algo_credit_limits:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:algo_credit_limits:4.7.0:*:*:*:*:*:*:*
IBM/Algorithmics
cpe:2.3:a:ibm:algorithmics:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20140630-0_IBM_Algorithmics_RICOS_multiple_vulnerabilities_v10.txtnvdExploit
www-01.ibm.com/support/docview.wssnvdVendor Advisory
packetstormsecurity.com/files/127304/IBM-Algorithmics-RICOS-Disclosure-XSS-CSRF.htmlnvd
seclists.org/fulldisclosure/2014/Jun/173nvd
secunia.com/advisories/59296nvd
www.securityfocus.com/archive/1/532598/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/91313nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.010
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000