Lucene search

[email protected]NVD:CVE-2013-5454

HistoryNov 18, 2013 - 3:55 a.m.

CVE-2013-5454

2013-11-1803:55:06

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

69.1%

JSON

IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL.

Affected configurations

Nvd

Node

ibmwebsphere_portalMatch6.0.0.0

ibmwebsphere_portalMatch6.0.0.1

ibmwebsphere_portalMatch6.0.1.0

ibmwebsphere_portalMatch6.0.1.1

ibmwebsphere_portalMatch6.0.1.2

ibmwebsphere_portalMatch6.0.1.3

ibmwebsphere_portalMatch6.0.1.4

ibmwebsphere_portalMatch6.0.1.5

ibmwebsphere_portalMatch6.0.1.6

ibmwebsphere_portalMatch6.1

ibmwebsphere_portalMatch6.1.0.0

ibmwebsphere_portalMatch6.1.0.1

ibmwebsphere_portalMatch6.1.0.2

ibmwebsphere_portalMatch6.1.0.3

ibmwebsphere_portalMatch6.1.0.4

ibmwebsphere_portalMatch6.1.0.5

ibmwebsphere_portalMatch6.1.5.0

ibmwebsphere_portalMatch6.1.5.1

ibmwebsphere_portalMatch6.1.5.2

ibmwebsphere_portalMatch6.1.5.3

ibmwebsphere_portalMatch7.0.0.0

ibmwebsphere_portalMatch7.0.0.1

ibmwebsphere_portalMatch7.0.0.2

ibmwebsphere_portalMatch8.0

ibmwebsphere_portalMatch8.0.0.0

ibmwebsphere_portalMatch8.0.0.1

VendorProductVersionCPE
ibmwebsphere_portal6.0.0.0cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*
ibmwebsphere_portal6.0.0.1cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*
ibmwebsphere_portal6.0.1.0cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*
ibmwebsphere_portal6.0.1.1cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*
ibmwebsphere_portal6.0.1.2cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*
ibmwebsphere_portal6.0.1.3cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*
ibmwebsphere_portal6.0.1.4cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*
ibmwebsphere_portal6.0.1.5cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*
ibmwebsphere_portal6.0.1.6cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*
ibmwebsphere_portal6.1cpe:2.3:a:ibm:websphere_portal:6.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_portal	6.0.0.0	cpe:2.3:a:ibm:websphere_portal:6.0.0.0:::::::*
ibm	websphere_portal	6.0.0.1	cpe:2.3:a:ibm:websphere_portal:6.0.0.1:::::::*
ibm	websphere_portal	6.0.1.0	cpe:2.3:a:ibm:websphere_portal:6.0.1.0:::::::*
ibm	websphere_portal	6.0.1.1	cpe:2.3:a:ibm:websphere_portal:6.0.1.1:::::::*
ibm	websphere_portal	6.0.1.2	cpe:2.3:a:ibm:websphere_portal:6.0.1.2:::::::*
ibm	websphere_portal	6.0.1.3	cpe:2.3:a:ibm:websphere_portal:6.0.1.3:::::::*
ibm	websphere_portal	6.0.1.4	cpe:2.3:a:ibm:websphere_portal:6.0.1.4:::::::*
ibm	websphere_portal	6.0.1.5	cpe:2.3:a:ibm:websphere_portal:6.0.1.5:::::::*
ibm	websphere_portal	6.0.1.6	cpe:2.3:a:ibm:websphere_portal:6.0.1.6:::::::*
ibm	websphere_portal	6.1	cpe:2.3:a:ibm:websphere_portal:6.1:::::::*

Rows per page:

1-10 of 261

References

www-01.ibm.com/support/docview.wss?uid=swg1PM99205

www-01.ibm.com/support/docview.wss?uid=swg21655656

exchange.xforce.ibmcloud.com/vulnerabilities/88253

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

69.1%

JSON

Related for NVD:CVE-2013-5454

prion1 cve1 nessus1 cvelist1