A remote, unauthenticated attacker can send a HTTP request to retrieve the content of any file on the IBM SPSS Collaboration and Deployment Service server.
CVEID:_CVE-2013-4043 _
DESCRIPTION:
A remote, unauthenticated attacker can send a HTTP request to retrieve the content of any file on the IBM SPSS Collaboration and Deployment Service server . All users of Collaboration and Deployment Services are vulnerable.
CVSS Base Score: 5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/86419 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)
Collaboration and Deployment Services, version 6.0 and earlier.
Product | VRMF | APAR | Fix |
---|---|---|---|
Collaboration and Deployment Services | 6.0.0.0 | PI07828 | 6.0 Intermediate Fix 1 |
Collaboration and Deployment Services | 5.0.0.0 | PI07828 | 5.0 FP3 |
Collaboration and Deployment Services | 4.2.1 | PI07828 | 4.2.1.3 Intermediate Fix 3 |
None