VYPR
← All advisories
Unrated severityNVD Advisory· Published Oct 29, 2014· Updated May 6, 2026

CVE-2014-3051

CVE-2014-3051

Description

The Internet Service Monitor (ISM) agent in IBM Tivoli Composite Application Manager (ITCAM) for Transactions 7.1 and 7.2 before 7.2.0.3 IF28, 7.3 before 7.3.0.1 IF30, and 7.4 before 7.4.0.0 IF18 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain credential information via a crafted certificate.

Affected products

9
  • IBM/Tivoli Composite Application Manager For Transactions9 versions
    cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.1.0.0:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_composite_application_manager_for_transactions:7.3.0.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.