CVE-2013-2968

2013-06-1914:55:09

CWE-119

[email protected]

web.nvd.nist.gov

ibm

sterling control center

scc

buffer-read method

denial of service

cve-2013-2968

nvd

6.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:N/I:N/A:C

6.3 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

48.6%

JSON

An unspecified buffer-read method in IBM Sterling Control Center (SCC) 5.2 before 5.2.0.9, 5.3 before 5.3.0.4, and 5.4 through 5.4.0.1 allows remote authenticated users to cause a denial of service via a large file that lacks end-of-line characters.

Affected configurations

NVD

Node

ibmsterling_control_centerMatch5.2.0

ibmsterling_control_centerMatch5.3.0

ibmsterling_control_centerMatch5.3.0.1

ibmsterling_control_centerMatch5.3.0.2

ibmsterling_control_centerMatch5.3.0.3

ibmsterling_control_centerMatch5.4.0

ibmsterling_control_centerMatch5.4.0.1

CPENameOperatorVersion
ibm:sterling_control_centeribm sterling control centereq5.2.0
ibm:sterling_control_centeribm sterling control centereq5.3.0
ibm:sterling_control_centeribm sterling control centereq5.3.0.1
ibm:sterling_control_centeribm sterling control centereq5.3.0.2
ibm:sterling_control_centeribm sterling control centereq5.3.0.3
ibm:sterling_control_centeribm sterling control centereq5.4.0
ibm:sterling_control_centeribm sterling control centereq5.4.0.1

CPE	Name	Operator	Version
ibm:sterling_control_center	ibm sterling control center	eq	5.2.0
ibm:sterling_control_center	ibm sterling control center	eq	5.3.0
ibm:sterling_control_center	ibm sterling control center	eq	5.3.0.1
ibm:sterling_control_center	ibm sterling control center	eq	5.3.0.2
ibm:sterling_control_center	ibm sterling control center	eq	5.3.0.3
ibm:sterling_control_center	ibm sterling control center	eq	5.4.0
ibm:sterling_control_center	ibm sterling control center	eq	5.4.0.1