CVE-2014-3079

Severity CVSS v4.0:
Pending analysis
Type:
CWE-264 Permissions, Privileges, and Access Control
Publication date:
10/09/2014
Last modified:
12/04/2025

Description

The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x before 8.1.4.4 allows remote authenticated users to bypass authorization checks and visit unspecified URLs with license-usage data via a DESCRIBE clause in a SPARQL query.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:*