← Retour aux CVEs
CVE-2025-14811
LOW3.1
Description
IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques.
Details CVE
Score CVSS v3.13.1
SeveriteLOW
Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Vecteur d'attaqueNETWORK
ComplexiteHIGH
Privileges requisLOW
Interaction utilisateurNONE
Publie3/13/2026
Derniere modification4/2/2026
Sourcenvd
Observations honeypot0
Produits affectes
ibm:sterling_partner_engagement_manager
Faiblesses (CWE)
CWE-598
References
https://www.ibm.com/support/pages/node/7263391(psirt@us.ibm.com)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.