Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-6720
HistoryMar 06, 2014 - 11:55 a.m.

CVE-2013-6720

2014-03-0611:55:05
CWE-22
[email protected]
web.nvd.nist.gov
3

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

5.9

Confidence

Low

EPSS

0.001

Percentile

46.6%

JSON

Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a โ€ฆ (dot dot) in the log parameter, as demonstrated using a crafted request for a customer-support file, as demonstrated by a log file.

Affected configurations

Nvd
Node
ibmtealeaf_cxMatch7.1
OR
ibmtealeaf_cxMatch7.2
OR
ibmtealeaf_cxMatch8.0
OR
ibmtealeaf_cxMatch8.1
OR
ibmtealeaf_cxMatch8.2
OR
ibmtealeaf_cxMatch8.3
OR
ibmtealeaf_cxMatch8.4
OR
ibmtealeaf_cxMatch8.5
OR
ibmtealeaf_cxMatch8.6
OR
ibmtealeaf_cxMatch8.7
OR
ibmtealeaf_cxMatch8.8
VendorProductVersionCPE
ibmtealeaf_cx7.1cpe:2.3:a:ibm:tealeaf_cx:7.1:*:*:*:*:*:*:*
ibmtealeaf_cx7.2cpe:2.3:a:ibm:tealeaf_cx:7.2:*:*:*:*:*:*:*
ibmtealeaf_cx8.0cpe:2.3:a:ibm:tealeaf_cx:8.0:*:*:*:*:*:*:*
ibmtealeaf_cx8.1cpe:2.3:a:ibm:tealeaf_cx:8.1:*:*:*:*:*:*:*
ibmtealeaf_cx8.2cpe:2.3:a:ibm:tealeaf_cx:8.2:*:*:*:*:*:*:*
ibmtealeaf_cx8.3cpe:2.3:a:ibm:tealeaf_cx:8.3:*:*:*:*:*:*:*
ibmtealeaf_cx8.4cpe:2.3:a:ibm:tealeaf_cx:8.4:*:*:*:*:*:*:*
ibmtealeaf_cx8.5cpe:2.3:a:ibm:tealeaf_cx:8.5:*:*:*:*:*:*:*
ibmtealeaf_cx8.6cpe:2.3:a:ibm:tealeaf_cx:8.6:*:*:*:*:*:*:*
ibmtealeaf_cx8.7cpe:2.3:a:ibm:tealeaf_cx:8.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

Related

cvelist 1
seebug 2
cve 1
prion 1
exploitdb 1
exploitpack 1
ibm 2
zdt 1
checkpoint_advisories 1
cvelist
cvelist
CVE-2013-6720
2014-03-06 11:00:00
seebug
seebug
IBM Tealeaf CXๆœชๆ˜Žๆœฌๅœฐๆ–‡ไปถๅŒ…ๅซๆผๆดž
2014-03-11 00:00:00
IBM Tealeaf CX 8.8 - Remote OS Command Injection
2014-07-01 00:00:00
cve
cve
CVE-2013-6720
2014-03-06 11:55:05
prion
prion
Directory traversal
2014-03-06 11:55:00
exploitdb
exploitdb
IBM Tealeaf CX 8.8 - Remote OS Command Injection
2014-03-26 00:00:00
exploitpack
exploitpack
IBM Tealeaf CX 8.8 - Remote OS Command Injection
2014-03-26 00:00:00
ibm
ibm
Security Bulletin: IBM Tealeaf CX Passive Capture Application is vulnerable to a remotely exploitable OS command injection and local file inclusion (CVE-2013-6719 and CVE-2013-6720)
2018-06-16 19:35:50
Security Bulletins for IBM Tealeaf Customer Experience offerings
2018-06-16 19:35:50
zdt
zdt
IBM Tealeaf CX 8.8 - Remote OS Command Injection Vulnerability
2014-03-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Command Injection Over HTTP Payload (CVE-2013-6719; CVE-2013-6720; CVE-2020-26728; CVE-2022-30105)
2018-07-03 00:00:00

CVSS2

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:P/A:N

AI Score

5.9

Confidence

Low

EPSS

0.001

Percentile

46.6%

JSON
Related for NVD:CVE-2013-6720
cvelist1seebug2cve1prion1exploitdb1exploitpack1ibm2zdt1checkpoint_advisories1