VYPR
Unrated severityNVD Advisory· Published Feb 14, 2015· Updated Jun 17, 2026

CVE-2014-4804

CVE-2014-4804

Description

Curam Universal Access in IBM Curam Social Program Management 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, and 6.0.5.5 before iFix003, when SPI inclusion is enabled, allows remote attackers to obtain sensitive user data by visiting an unspecified page.

Affected products

6
  • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.5:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0:sp2:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:*:sp6:*:*:*:*:*:*range: <=5.2
    • (no CPE)range: 5.2 before SP6 EP6, 6.0 SP2 before EP26, 6.0.4.5 before iFix007, 6.0.5.4 before iFix005, 6.0.5.5 before iFix003

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.