Lucene search

[email protected]CVE-2013-5446

HistoryOct 22, 2013 - 11:17 a.m.

CVE-2013-5446

2013-10-2211:17:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

ibm

websphere

datapower

xc10

appliances

logoff

vulnerability

cve-2013-5446

nvd

remote attack vectors

6.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.9%

JSON

The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.

CPENameOperatorVersion
ibm:websphere_datapower_xc10_applianceibm websphere datapower xc10 applianceeq-
ibm:websphere_datapower_xc10_appliance_firmwareibm websphere datapower xc10 appliance firmwareeq2.1.0.0
ibm:websphere_datapower_xc10_appliance_firmwareibm websphere datapower xc10 appliance firmwareeq2.5.0.0

CPE	Name	Operator	Version
ibm:websphere_datapower_xc10_appliance	ibm websphere datapower xc10 appliance	eq	-
ibm:websphere_datapower_xc10_appliance_firmware	ibm websphere datapower xc10 appliance firmware	eq	2.1.0.0
ibm:websphere_datapower_xc10_appliance_firmware	ibm websphere datapower xc10 appliance firmware	eq	2.5.0.0

References

www-01.ibm.com/support/docview.wss?uid=swg1IC93164

www-01.ibm.com/support/docview.wss?uid=swg1IC96617

www.ibm.com/support/docview.wss?uid=swg21653546

exchange.xforce.ibmcloud.com/vulnerabilities/87910

6.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.9%

JSON

Related for CVE-2013-5446

cvelist1 prion1 seebug1