Lucene search
IbmCVE-2013-4061HistorySep 09, 2013 - 1:55 a.m.
CVE-2013-4061
2013-09-0901:55:06
CWE-287
ibm
web.nvd.nist.gov
21
ibm
rational policy tester
cve-2013-4061
authorization bypass
security vulnerability
nvd
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
41.4%
IBM Rational Policy Tester 8.5 before 8.5.0.5 does not properly check authorization for changes to the set of authentication hosts, which allows remote authenticated users to perform spoofing attacks involving an HTTP redirect via unspecified vectors.
Affected configurations
Node
ibmrational_policy_testerMatch8.5.0.0
ORibmrational_policy_testerMatch8.5.0.1
ORibmrational_policy_testerMatch8.5.0.2
ORibmrational_policy_testerMatch8.5.0.3
ORibmrational_policy_testerMatch8.5.0.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | rational_policy_tester | 8.5.0.0 | cpe:2.3:a:ibm:rational_policy_tester:8.5.0.0:*:*:*:*:*:*:* |
| ibm | rational_policy_tester | 8.5.0.1 | cpe:2.3:a:ibm:rational_policy_tester:8.5.0.1:*:*:*:*:*:*:* |
| ibm | rational_policy_tester | 8.5.0.2 | cpe:2.3:a:ibm:rational_policy_tester:8.5.0.2:*:*:*:*:*:*:* |
| ibm | rational_policy_tester | 8.5.0.3 | cpe:2.3:a:ibm:rational_policy_tester:8.5.0.3:*:*:*:*:*:*:* |
| ibm | rational_policy_tester | 8.5.0.4 | cpe:2.3:a:ibm:rational_policy_tester:8.5.0.4:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-4061
2013-09-09 01:00:00
prion
prion
Authorization
2013-09-09 01:55:00
nvd
nvd
CVE-2013-4061
2013-09-09 01:55:06
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
AI Score
6.4
Confidence
Low
EPSS
0.001
Percentile
41.4%
Related for CVE-2013-4061