Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-5372
HistoryOct 19, 2013 - 10:36 a.m.

CVE-2013-5372

2013-10-1910:36:00
CWE-399
[email protected]
web.nvd.nist.gov
48
ibm
message broker
integration bus
xml4j parser
denial of service
memory consumption
cve-2013-5372

6.7 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.03 Low

EPSS

Percentile

90.8%

JSON

The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.

Related

ibm 25
prion 1
nessus 13
suse 4
openvas 1
redhat 4
veracode 16
aix 1
ibm
ibm
Security Bulletin: IBM Enterprise Content Management Widgets and potential Apache Xerces-J denial of service attack (CVE-2013-5372)
2022-09-25 23:09:27
Security Bulletin:Tivoli Multiple vulnerabilities in Tivoli Business Service Manager (CVE-2013-5802,CVE-2013-5825,CVE-2013-5372)
2018-06-17 14:31:27
Security Bulletin: Multiple vulnerabilities in IBM SPSS Modeler (CVE-2013-6739, CVE-2013-5372, CVE-2013-5825)
2018-06-16 13:31:40
prion
prion
Code injection
2013-10-19 10:36:00
nessus
nessus
IBM WebSphere Application Server 8.0 < Fix Pack 8 Multiple Vulnerabilities
2014-01-20 00:00:00
IBM WebSphere Application Server 7.0 < Fix Pack 31 Multiple Vulnerabilities
2014-01-20 00:00:00
IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.2 Multiple Vulnerabilities
2014-05-29 00:00:00
suse
suse
Security update for IBM Java 5 (important)
2013-11-14 16:04:15
Security update for IBM Java 5 (important)
2013-11-15 00:04:35
Security update for IBM Java 7 (important)
2013-11-22 08:04:19
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1669-1)
2021-06-09 00:00:00
redhat
redhat
(RHSA-2013:1509) Important: java-1.5.0-ibm security update
2013-11-07 00:00:00
(RHSA-2013:1508) Critical: java-1.6.0-ibm security update
2013-11-07 00:00:00
(RHSA-2013:1793) Low: Red Hat Network Satellite server IBM Java Runtime security update
2013-12-05 00:00:00
veracode
veracode
Sandbox Restrictions Bypass
2019-05-02 04:58:36
Sandbox Restrictions Bypass
2019-05-02 04:58:36
Sandbox Restrictions Bypass
2019-05-02 04:58:37
aix
aix
Multiple Java vulnerabilities
2013-12-11 10:53:34

6.7 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.03 Low

EPSS

Percentile

90.8%

JSON
Related for CVE-2013-5372
ibm25prion1nessus13suse4openvas1redhat4veracode16aix1