RICOS in IBM Algo Credit Limits (aka ACLM) 4.5.0 through 4.7.0 before 4.7.0.03 FP5 in IBM Algorithmics relies on client-side input validation, which allows remote authenticated users to bypass intended dual-control restrictions and modify data via crafted serialized objects, as demonstrated by limit manipulations.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2014-07-07 04:01
Updated : 2018-10-09 12:42
NVD link : CVE-2014-0865
Mitre link : CVE-2014-0865
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
ibm
- algo_credit_limits
- algorithmics