Lucene search

[email protected]CVE-2013-6722

HistoryFeb 14, 2014 - 1:10 p.m.

CVE-2013-6722

2014-02-1413:10:30

[email protected]

web.nvd.nist.gov

cve-2013-6722

unrestricted file upload

vulnerability

ibm websphere portal

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.8%

JSON

Unrestricted file upload vulnerability in the Registration/Edit My Profile portlet in IBM WebSphere Portal 7.x before 7.0.0.2 CF27 and 8.x through 8.0.0.1 CF09 allows remote attackers to cause a denial of service or modify data via unspecified vectors.

Affected configurations

NVD

Node

ibmwebsphere_portalMatch7.0.0.0

ibmwebsphere_portalMatch7.0.0.0cf001

ibmwebsphere_portalMatch7.0.0.1

ibmwebsphere_portalMatch7.0.0.1cf002

ibmwebsphere_portalMatch7.0.0.1cf003

ibmwebsphere_portalMatch7.0.0.1cf004

ibmwebsphere_portalMatch7.0.0.1cf005

ibmwebsphere_portalMatch7.0.0.1cf006

ibmwebsphere_portalMatch7.0.0.1cf007

ibmwebsphere_portalMatch7.0.0.1cf008

ibmwebsphere_portalMatch7.0.0.1cf009

ibmwebsphere_portalMatch7.0.0.1cf010

ibmwebsphere_portalMatch7.0.0.1cf019

ibmwebsphere_portalMatch7.0.0.2

ibmwebsphere_portalMatch7.0.0.2cf011

ibmwebsphere_portalMatch7.0.0.2cf012

ibmwebsphere_portalMatch7.0.0.2cf013

ibmwebsphere_portalMatch7.0.0.2cf014

ibmwebsphere_portalMatch7.0.0.2cf015

ibmwebsphere_portalMatch7.0.0.2cf016

ibmwebsphere_portalMatch7.0.0.2cf017

ibmwebsphere_portalMatch7.0.0.2cf018

ibmwebsphere_portalMatch7.0.0.2cf019

ibmwebsphere_portalMatch7.0.0.2cf020

ibmwebsphere_portalMatch7.0.0.2cf021

ibmwebsphere_portalMatch7.0.0.2cf022

ibmwebsphere_portalMatch7.0.0.2cf23

ibmwebsphere_portalMatch7.0.0.2cf24

ibmwebsphere_portalMatch7.0.0.2cf25

ibmwebsphere_portalMatch7.0.0.2cf26

ibmwebsphere_portalMatch7.0.0.2cf27

Node

ibmwebsphere_portalMatch8.0

ibmwebsphere_portalMatch8.0.0.0

ibmwebsphere_portalMatch8.0.0.0cf01

ibmwebsphere_portalMatch8.0.0.0cf02

ibmwebsphere_portalMatch8.0.0.0cf03

ibmwebsphere_portalMatch8.0.0.0cf04

ibmwebsphere_portalMatch8.0.0.0cf05

ibmwebsphere_portalMatch8.0.0.1

ibmwebsphere_portalMatch8.0.0.1cf04

ibmwebsphere_portalMatch8.0.0.1cf05

ibmwebsphere_portalMatch8.0.0.1cf06

ibmwebsphere_portalMatch8.0.0.1cf07

ibmwebsphere_portalMatch8.0.0.1cf08

ibmwebsphere_portalMatch8.0.0.1cf09

CPENameOperatorVersion
ibm:websphere_portalibm websphere portaleq7.0.0.0
ibm:websphere_portalibm websphere portaleq7.0.0.1
ibm:websphere_portalibm websphere portaleq7.0.0.2

CPE	Name	Operator	Version
ibm:websphere_portal	ibm websphere portal	eq	7.0.0.0
ibm:websphere_portal	ibm websphere portal	eq	7.0.0.1
ibm:websphere_portal	ibm websphere portal	eq	7.0.0.2

References

www-01.ibm.com/support/docview.wss?uid=swg1PI07013

www-01.ibm.com/support/docview.wss?uid=swg21662873

exchange.xforce.ibmcloud.com/vulnerabilities/89235

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.8%

JSON

Related for CVE-2013-6722

cvelist1 prion1 nessus1 nvd1