Lucene search

K
nvd[email protected]NVD:CVE-2013-5413
HistoryDec 21, 2013 - 2:22 p.m.

CVE-2013-5413

2013-12-2114:22:57
CWE-287
web.nvd.nist.gov
4

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.003

Percentile

67.8%

IBM Sterling B2B Integrator 5.2 and Sterling File Gateway 2.2 do not invalidate a session upon a logout action, which allows remote attackers to bypass authentication by leveraging an unattended workstation.

Affected configurations

Nvd
Node
ibmsterling_b2b_integratorMatch5.2
OR
ibmsterling_file_gatewayMatch2.2
VendorProductVersionCPE
ibmsterling_b2b_integrator5.2cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*
ibmsterling_file_gateway2.2cpe:2.3:a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.003

Percentile

67.8%

Related for NVD:CVE-2013-5413