VYPR
Medium severity5.3NVD Advisory· Published Jun 8, 2017· Updated Jun 17, 2026

CVE-2014-4843

CVE-2014-4843

Description

Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4 before 6.0.4.6, and 6.0.5 before 6.0.5.5 iFix5 allows remote attackers to obtain sensitive information about internal caseworker usernames via vectors related to a URL.

Affected products

14
  • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.0:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:curam_social_program_management:6.0:sp2:*:*:*:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.