CVE-2014-3079 Information

Description

The Administration and Reporting Tool in IBM Rational License Key Server (RLKS) 8.1.4.x before 8.1.4.4 allows remote authenticated users to bypass authorization checks and visit unspecified URLs with license-usage data via a DESCRIBE clause in a SPARQL query.

Reference

http://secunia.com/advisories/60709 http://secunia.com/advisories/61071 http://www.securityfocus.com/bid/69643 http://www-01.ibm.com/support/docview.wss?uid=swg21681449 http://www-01.ibm.com/support/docview.wss?uid=swg21682627 http://www-01.ibm.com/support/docview.wss?uid=swg24038045 https://exchange.xforce.ibmcloud.com/vulnerabilities/93912