VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 21, 2014· Updated Jun 17, 2026

CVE-2014-3052

CVE-2014-3052

Description

The reverse-proxy feature in IBM Security Access Manager (ISAM) for Web 8.0 with firmware 8.0.0.2 and 8.0.0.3 interprets the jct-nist-compliance parameter in the opposite of the intended manner, which makes it easier for remote attackers to obtain sensitive information by leveraging weak SSL encryption settings that lack NIST SP 800-131A compliance.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • IBM/Security Access Manager For Web 8.0 Firmware3 versions
    cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:h:ibm:security_access_manager_for_web_appliance:8.0:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:ibm:security_access_manager_for_web_8.0_firmware:8.0.0.3:*:*:*:*:*:*:*
  • IBM/Security Access Manager for Webllm-fuzzy
    Range: 8.0.0.2, 8.0.0.3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.