Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-4053
HistorySep 20, 2013 - 9:55 p.m.

CVE-2013-4053

2013-09-2021:55:05
CWE-20
[email protected]
web.nvd.nist.gov
5

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.006

Percentile

77.7%

JSON

The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors.

Affected configurations

Nvd
Node
ibmwebsphere_application_serverMatch8.5.0.0
OR
ibmwebsphere_application_serverMatch8.5.0.1
OR
ibmwebsphere_application_serverMatch8.5.0.2
OR
ibmwebsphere_application_serverMatch8.5.5.0
Node
ibmwebsphere_application_serverMatch7.0
OR
ibmwebsphere_application_serverMatch7.0.0.1
OR
ibmwebsphere_application_serverMatch7.0.0.2
OR
ibmwebsphere_application_serverMatch7.0.0.3
OR
ibmwebsphere_application_serverMatch7.0.0.4
OR
ibmwebsphere_application_serverMatch7.0.0.5
OR
ibmwebsphere_application_serverMatch7.0.0.6
OR
ibmwebsphere_application_serverMatch7.0.0.7
OR
ibmwebsphere_application_serverMatch7.0.0.8
OR
ibmwebsphere_application_serverMatch7.0.0.9
OR
ibmwebsphere_application_serverMatch7.0.0.10
OR
ibmwebsphere_application_serverMatch7.0.0.11
OR
ibmwebsphere_application_serverMatch7.0.0.12
OR
ibmwebsphere_application_serverMatch7.0.0.13
OR
ibmwebsphere_application_serverMatch7.0.0.14
OR
ibmwebsphere_application_serverMatch7.0.0.15
OR
ibmwebsphere_application_serverMatch7.0.0.16
OR
ibmwebsphere_application_serverMatch7.0.0.17
OR
ibmwebsphere_application_serverMatch7.0.0.18
OR
ibmwebsphere_application_serverMatch7.0.0.19
OR
ibmwebsphere_application_serverMatch7.0.0.21
OR
ibmwebsphere_application_serverMatch7.0.0.22
OR
ibmwebsphere_application_serverMatch7.0.0.23
OR
ibmwebsphere_application_serverMatch7.0.0.24
OR
ibmwebsphere_application_serverMatch7.0.0.25
OR
ibmwebsphere_application_serverMatch7.0.0.27
OR
ibmwebsphere_application_serverMatch7.0.0.29
Node
ibmwebsphere_application_serverMatch8.0.0.0
OR
ibmwebsphere_application_serverMatch8.0.0.1
OR
ibmwebsphere_application_serverMatch8.0.0.2
OR
ibmwebsphere_application_serverMatch8.0.0.3
OR
ibmwebsphere_application_serverMatch8.0.0.4
OR
ibmwebsphere_application_serverMatch8.0.0.5
OR
ibmwebsphere_application_serverMatch8.0.0.6
OR
ibmwebsphere_application_serverMatch8.0.0.7
Node
ibmwebsphere_application_serverMatch6.1
OR
ibmwebsphere_application_serverMatch6.1.0
OR
ibmwebsphere_application_serverMatch6.1.0.0
OR
ibmwebsphere_application_serverMatch6.1.0.1
OR
ibmwebsphere_application_serverMatch6.1.0.2
OR
ibmwebsphere_application_serverMatch6.1.0.3
OR
ibmwebsphere_application_serverMatch6.1.0.5
OR
ibmwebsphere_application_serverMatch6.1.0.7
OR
ibmwebsphere_application_serverMatch6.1.0.9
OR
ibmwebsphere_application_serverMatch6.1.0.11
OR
ibmwebsphere_application_serverMatch6.1.0.12
OR
ibmwebsphere_application_serverMatch6.1.0.13
OR
ibmwebsphere_application_serverMatch6.1.0.14
OR
ibmwebsphere_application_serverMatch6.1.0.15
OR
ibmwebsphere_application_serverMatch6.1.0.17
OR
ibmwebsphere_application_serverMatch6.1.0.19
OR
ibmwebsphere_application_serverMatch6.1.0.21
OR
ibmwebsphere_application_serverMatch6.1.0.23
OR
ibmwebsphere_application_serverMatch6.1.0.25
OR
ibmwebsphere_application_serverMatch6.1.0.27
OR
ibmwebsphere_application_serverMatch6.1.0.29
OR
ibmwebsphere_application_serverMatch6.1.0.31
OR
ibmwebsphere_application_serverMatch6.1.0.33
OR
ibmwebsphere_application_serverMatch6.1.0.35
OR
ibmwebsphere_application_serverMatch6.1.0.37
OR
ibmwebsphere_application_serverMatch6.1.0.39
OR
ibmwebsphere_application_serverMatch6.1.0.41
OR
ibmwebsphere_application_serverMatch6.1.0.43
OR
ibmwebsphere_application_serverMatch6.1.0.45
Node
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.11
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.13
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.15
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.17
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.19
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.21
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.23
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.25
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.27
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.29
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.31
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.33
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.35
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.37
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.39
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.41
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.43
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.45
OR
ibmwebsphere_application_server_feature_pack_for_web_servicesMatch6.1.0.47
VendorProductVersionCPE
ibmwebsphere_application_server8.5.0.0cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*
ibmwebsphere_application_server8.5.0.1cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:*:*:*:*:*:*:*
ibmwebsphere_application_server8.5.0.2cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:*:*:*:*:*:*:*
ibmwebsphere_application_server8.5.5.0cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:*:*:*:*:*:*:*
ibmwebsphere_application_server7.0cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*
ibmwebsphere_application_server7.0.0.1cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
ibmwebsphere_application_server7.0.0.2cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
ibmwebsphere_application_server7.0.0.3cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
ibmwebsphere_application_server7.0.0.4cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
ibmwebsphere_application_server7.0.0.5cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
Rows per page:
1-10 of 871

Related

prion 1
cvelist 1
cve 1
openvas 1
ibm 5
nessus 4
prion
prion
Code injection
2013-09-20 21:55:00
cvelist
cvelist
CVE-2013-4053
2013-09-20 21:00:00
cve
cve
CVE-2013-4053
2013-09-20 21:55:05
openvas
openvas
IBM Websphere Application Server Multiple Vulnerabilities-08 (Jan 2016)
2016-01-19 00:00:00
ibm
ibm
Security Bulletin: Potential Security Vulnerabilites fixed in IBM WebSphere Application Server 8.0.0.8
2018-06-15 06:59:10
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.31
2018-06-15 06:59:10
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.1
2022-09-26 03:31:32
nessus
nessus
IBM WebSphere Application Server 8.0 < Fix Pack 8 Multiple Vulnerabilities
2014-01-20 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 31 Multiple Vulnerabilities
2014-01-20 00:00:00
IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.1 Multiple Vulnerabilities
2013-12-05 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

0.006

Percentile

77.7%

JSON
Related for NVD:CVE-2013-4053
prion1cvelist1cve1openvas1ibm5nessus4