CVE-2014-3070 Information

Description

The addFileRegistryAccount Virtual Member Manager (VMM) SPI Admin Task in IBM WebSphere Application Server (WAS) 8.0.x before 8.0.0.10 and 8.5.x before 8.5.5.3 does not properly create accounts which allows remote attackers to bypass intended access restrictions via unspecified vectors.

Reference

http://www.securityfocus.com/bid/69296 http://www-01.ibm.com/support/docview.wss?uid=swg1PI16765 http://www-01.ibm.com/support/docview.wss?uid=swg21681249 https://exchange.xforce.ibmcloud.com/vulnerabilities/93777