Lucene search

IbmCVE-2013-4070

HistoryDec 21, 2013 - 2:22 p.m.

CVE-2013-4070

2013-12-2114:22:56

CWE-200

ibm

web.nvd.nist.gov

ibm

spss

collaboration

deployment services

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.003

Percentile

69.1%

JSON

The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to discover an internal password via unspecified vectors.

Affected configurations

Nvd

Node

ibmspss_collaboration_and_deployment_servicesMatch4.2.1

ibmspss_collaboration_and_deployment_servicesMatch4.2.1.1

ibmspss_collaboration_and_deployment_servicesMatch4.2.1.2

ibmspss_collaboration_and_deployment_servicesMatch4.2.1.3

ibmspss_collaboration_and_deployment_servicesMatch5.0.0

ibmspss_collaboration_and_deployment_servicesMatch5.0.0.1

ibmspss_collaboration_and_deployment_servicesMatch5.0.0.2

VendorProductVersionCPE
ibmspss_collaboration_and_deployment_services4.2.1cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1:*:*:*:*:*:*:*
ibmspss_collaboration_and_deployment_services4.2.1.1cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.1:*:*:*:*:*:*:*
ibmspss_collaboration_and_deployment_services4.2.1.2cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.2:*:*:*:*:*:*:*
ibmspss_collaboration_and_deployment_services4.2.1.3cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.3:*:*:*:*:*:*:*
ibmspss_collaboration_and_deployment_services5.0.0cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0:*:*:*:*:*:*:*
ibmspss_collaboration_and_deployment_services5.0.0.1cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.1:*:*:*:*:*:*:*
ibmspss_collaboration_and_deployment_services5.0.0.2cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	spss_collaboration_and_deployment_services	4.2.1	cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1:::::::*
ibm	spss_collaboration_and_deployment_services	4.2.1.1	cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.1:::::::*
ibm	spss_collaboration_and_deployment_services	4.2.1.2	cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.2:::::::*
ibm	spss_collaboration_and_deployment_services	4.2.1.3	cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.3:::::::*
ibm	spss_collaboration_and_deployment_services	5.0.0	cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0:::::::*
ibm	spss_collaboration_and_deployment_services	5.0.0.1	cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.1:::::::*
ibm	spss_collaboration_and_deployment_services	5.0.0.2	cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.2:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg1PM95817

www-01.ibm.com/support/docview.wss?uid=swg21660191

exchange.xforce.ibmcloud.com/vulnerabilities/86656

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.8

Confidence

Low

EPSS

0.003

Percentile

69.1%

JSON

Related for CVE-2013-4070