IBM Security Bulletin: IBM Cúram Social Program Management when not configured with LDAP or SSO may be vulnerable to denial of service.(CVE-2014-6092).

Default authentication methods in IBM Curam Social Program Management do not allow for a per user account lockout policy, and rather employ a single, system wide policy. For most users of the system, a low lockout threshold is desirable. However, for users...

from IBM Product Security Incident Response Team http://ift.tt/1DSQFNZ