Lucene search

[email protected]NVD:CVE-2013-6734

HistoryFeb 22, 2014 - 9:55 p.m.

CVE-2013-6734

2014-02-2221:55:09

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

AI Score

5.6

Confidence

Low

EPSS

0.001

Percentile

45.4%

JSON

IBM WebSphere eXtreme Scale Client 7.1 through 8.6.0.4 does not properly isolate the cached data of different users, which allows remote authenticated users to obtain sensitive information in opportunistic circumstances by leveraging access to the same web container.

Affected configurations

Nvd

Node

ibmwebsphere_extreme_scale_clientRange≤8.6.0.4

ibmwebsphere_extreme_scale_clientMatch7.0.0.0

ibmwebsphere_extreme_scale_clientMatch7.1.0.0

ibmwebsphere_extreme_scale_clientMatch7.1.0.2

ibmwebsphere_extreme_scale_clientMatch7.1.0.3

ibmwebsphere_extreme_scale_clientMatch7.1.1.0

ibmwebsphere_extreme_scale_clientMatch7.1.1.1

ibmwebsphere_extreme_scale_clientMatch8.5.0.0

ibmwebsphere_extreme_scale_clientMatch8.5.0.1

ibmwebsphere_extreme_scale_clientMatch8.5.0.2

ibmwebsphere_extreme_scale_clientMatch8.5.0.3

ibmwebsphere_extreme_scale_clientMatch8.6.0.0

ibmwebsphere_extreme_scale_clientMatch8.6.0.1

ibmwebsphere_extreme_scale_clientMatch8.6.0.2

ibmwebsphere_extreme_scale_clientMatch8.6.0.3

VendorProductVersionCPE
ibmwebsphere_extreme_scale_client*cpe:2.3:a:ibm:websphere_extreme_scale_client:*:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client7.0.0.0cpe:2.3:a:ibm:websphere_extreme_scale_client:7.0.0.0:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client7.1.0.0cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.0:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client7.1.0.2cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.2:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client7.1.0.3cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.3:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client7.1.1.0cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.1.0:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client7.1.1.1cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.1.1:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client8.5.0.0cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.0:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client8.5.0.1cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.1:*:*:*:*:*:*:*
ibmwebsphere_extreme_scale_client8.5.0.2cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_extreme_scale_client	*	cpe:2.3:a:ibm:websphere_extreme_scale_client::::::::
ibm	websphere_extreme_scale_client	7.0.0.0	cpe:2.3:a:ibm:websphere_extreme_scale_client:7.0.0.0:::::::*
ibm	websphere_extreme_scale_client	7.1.0.0	cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.0:::::::*
ibm	websphere_extreme_scale_client	7.1.0.2	cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.2:::::::*
ibm	websphere_extreme_scale_client	7.1.0.3	cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.3:::::::*
ibm	websphere_extreme_scale_client	7.1.1.0	cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.1.0:::::::*
ibm	websphere_extreme_scale_client	7.1.1.1	cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.1.1:::::::*
ibm	websphere_extreme_scale_client	8.5.0.0	cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.0:::::::*
ibm	websphere_extreme_scale_client	8.5.0.1	cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.1:::::::*
ibm	websphere_extreme_scale_client	8.5.0.2	cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.2:::::::*

Rows per page:

1-10 of 151

References

www-01.ibm.com/support/docview.wss?uid=swg1PI06341

www-01.ibm.com/support/docview.wss?uid=swg21664641

exchange.xforce.ibmcloud.com/vulnerabilities/89397

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

AI Score

5.6

Confidence

Low

EPSS

0.001

Percentile

45.4%

JSON

Related for NVD:CVE-2013-6734

ibm1 prion1 cvelist1 cve1