CVE-2013-5440

2013-12-1816:04:33

CWE-200

[email protected]

web.nvd.nist.gov

cve-2013-5440

ibm

infosphere

information server

security

vulnerability

local users

5.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

IBM InfoSphere Information Server 8.0, 8.1, 8.5, 8.7, and 9.1 allows local users to obtain sensitive information in opportunistic circumstances by leveraging the presence of file content after a failed installation.

Affected configurations

NVD

Node

ibminfosphere_information_serverMatch8.0

ibminfosphere_information_serverMatch8.1

ibminfosphere_information_serverMatch8.5

ibminfosphere_information_serverMatch8.7

ibminfosphere_information_serverMatch9.1

CPENameOperatorVersion
ibm:infosphere_information_serveribm infosphere information servereq8.0
ibm:infosphere_information_serveribm infosphere information servereq8.1
ibm:infosphere_information_serveribm infosphere information servereq8.5
ibm:infosphere_information_serveribm infosphere information servereq8.7
ibm:infosphere_information_serveribm infosphere information servereq9.1

CPE	Name	Operator	Version
ibm:infosphere_information_server	ibm infosphere information server	eq	8.0
ibm:infosphere_information_server	ibm infosphere information server	eq	8.1
ibm:infosphere_information_server	ibm infosphere information server	eq	8.5
ibm:infosphere_information_server	ibm infosphere information server	eq	8.7
ibm:infosphere_information_server	ibm infosphere information server	eq	9.1