Lucene search

[email protected]CVE-2013-0456

HistoryJul 03, 2013 - 1:54 p.m.

CVE-2013-0456

2013-07-0313:54:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

ibm

sterling b2b integrator

sterling file gateway

remote access

session hijacking

cve-2013-0456

nvd

6.3 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

32.9%

JSON

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote authenticated users to hijack sessions via a modified cookie path.

CPENameOperatorVersion
ibm:sterling_b2b_integratoribm sterling b2b integratoreq5.2
ibm:sterling_b2b_integratoribm sterling b2b integratoreq5.1
ibm:sterling_file_gatewayibm sterling file gatewayeq2.1
ibm:sterling_file_gatewayibm sterling file gatewayeq2.2

CPE	Name	Operator	Version
ibm:sterling_b2b_integrator	ibm sterling b2b integrator	eq	5.2
ibm:sterling_b2b_integrator	ibm sterling b2b integrator	eq	5.1
ibm:sterling_file_gateway	ibm sterling file gateway	eq	2.1
ibm:sterling_file_gateway	ibm sterling file gateway	eq	2.2

References

www-01.ibm.com/support/docview.wss?uid=swg21640830

exchange.xforce.ibmcloud.com/vulnerabilities/80972

6.3 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

32.9%

JSON

Related for CVE-2013-0456

cvelist1 prion1 ibm1