Medium severity5.3NVD Advisory· Published Jun 8, 2017· Updated Jun 17, 2026
CVE-2014-4843
CVE-2014-4843
Description
Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL.
Affected products
14cpe:2.3:a:ibm:curam_social_program_management:6.0.4.0:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:a:ibm:curam_social_program_management:6.0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:curam_social_program_management:6.0:sp2:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
2- www-01.ibm.com/support/docview.wssnvdVendor Advisory
- www.securityfocus.com/bid/73943nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.