Lucene search
IbmCVE-2013-5420HistoryDec 23, 2013 - 10:55 p.m.
CVE-2013-5420
2013-12-2322:55:02
CWE-264
ibm
web.nvd.nist.gov
23
cve-2013-5420
ims server
ibm security access manager
esso
log files
helpdesk privileges
nvd
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.001
Percentile
40.2%
The IMS server before Ifix 6 in IBM Security Access Manager for Enterprise Single Sign-On (ISAM ESSO) 8.2 allows remote authenticated users to read log files by leveraging helpdesk privileges for a direct request.
Affected configurations
Node
ibmsecurity_access_manager_for_enterprise_single_sign-onMatch8.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | security_access_manager_for_enterprise_single_sign-on | 8.2 | cpe:2.3:a:ibm:security_access_manager_for_enterprise_single_sign-on:8.2:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2013-5420
2013-12-23 22:55:02
prion
prion
Design/Logic Flaw
2013-12-23 22:55:00
cvelist
cvelist
CVE-2013-5420
2013-12-23 22:00:00
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.001
Percentile
40.2%
Related for CVE-2013-5420