Lucene search
HistorySep 16, 2013 - 6:24 p.m.
CVE-2013-4049
ibm
spss
analytical decision management
vulnerability
file upload
remote code execution
cve-2013-4049
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
7.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.2%
Unrestricted file upload vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to execute arbitrary code by uploading and accessing a JSP file.
Affected configurations
Node
ibmspss_analytical_decision_managementMatch6.1.0.0
ORibmspss_analytical_decision_managementMatch6.2.0.0
ORibmspss_analytical_decision_managementMatch7.0.0.0
Related
prion
prion
Unrestricted file upload
2013-09-16 18:24:00
nvd
nvd
CVE-2013-4049
2013-09-16 18:24:48
cvelist
cvelist
CVE-2013-4049
2013-09-16 16:00:00
8.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:C/I:C/A:C
7.3 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
65.2%
Related for CVE-2013-4049