CVE-2014-3073

critical

Published 2014-06-21 · Modified 2026-05-06

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Unspecified vulnerability in IBM Security Access Manager (ISAM) for Mobile 8.0 and IBM Security Access Manager for Web 7.0 and 8.0 allows remote attackers to execute arbitrary code via unknown vectors.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21676699

Application impact

Vendor	Product	Versions
ibm	security_access_manager_for_mobile_software	`8.0`
ibm	security_access_manager_for_web_software	`7.0`
ibm	security_access_manager_for_web_software	`8.0`

References

http://secunia.com/advisories/59438
http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563
http://www-01.ibm.com/support/docview.wss?uid=swg21676699
http://www.securityfocus.com/bid/68137
https://exchange.xforce.ibmcloud.com/vulnerabilities/93790
http://secunia.com/advisories/59438
http://www-01.ibm.com/support/docview.wss?uid=swg1IV61563
http://www-01.ibm.com/support/docview.wss?uid=swg21676699
http://www.securityfocus.com/bid/68137
https://exchange.xforce.ibmcloud.com/vulnerabilities/93790

Verify integrity in audit chain (admin only). AS-IS.