{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T02:05:19.833","vulnerabilities":[{"cve":{"id":"CVE-2014-6077","sourceIdentifier":"psirt@us.ibm.com","published":"2014-12-18T16:59:01.457","lastModified":"2026-05-06T22:30:45.220","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences."},{"lang":"es","value":"Vulnerabilidad de CSRF en IBM Security Access Manager for Mobile 8.x anterior a 8.0.1 y Security Access Manager for Web 7.x anterior a 7.0.0 FP10 y 8.x anterior a 8.0.1 permite a atacantes remotos a robar la autenticación de usuarios arbitrarios de peticiones insertadas en secuencias XSS."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-352"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_access_manager_for_web:7.0:*:*:*:*:*:*:*","matchCriteriaId":"4133E7B3-02B3-44C8-BBD7-234E06C3EC70"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_access_manager_for_web:8.0:*:*:*:*:*:*:*","matchCriteriaId":"6A4AD958-FDB2-4F63-AD4F-C88B33BFA692"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:security_access_manager_for_mobile:8.0:*:*:*:*:*:*:*","matchCriteriaId":"FF1B0C02-D5D9-4F10-9120-C76D39D5C323"}]}]}],"references":[{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358","source":"psirt@us.ibm.com"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581","source":"psirt@us.ibm.com"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21684475","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/95730","source":"psirt@us.ibm.com"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV67358","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg1IV67581","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21684475","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/95730","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}