CVE-2013-5397

Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-5398.

CVSS v2.0 3.3 LOW

3.3^/10

CVSS v2.0 : LOW

Vector : AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg21654471	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/87293

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:rational_focal_point:6.4:::::::*
	cpe:2.3:a:ibm:rational_focal_point:6.4.1.3:::::::*
	cpe:2.3:a:ibm:rational_focal_point:6.5.1:::::::*
	cpe:2.3:a:ibm:rational_focal_point:6.5.2:::::::*
	cpe:2.3:a:ibm:rational_focal_point:6.5.2.3:::::::*
	cpe:2.3:a:ibm:rational_focal_point:6.6:::::::*
	cpe:2.3:a:ibm:rational_focal_point:6.6.0.1:::::::*
	cpe:2.3:a:ibm:rational_focal_point:6.6.1:::::::*

History

No history.

Information

Published : 2013-12-18 16:04

Updated : 2023-12-10 11:16

NVD link : CVE-2013-5397

Mitre link : CVE-2013-5397

CVE.ORG link : CVE-2013-5397

JSON object : View

Products Affected

ibm

rational_focal_point

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-5397", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-12-18T16:04:33.507", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21654471", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87293", "source": "psirt@us.ibm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Webservice Axis Gateway in IBM Rational Focal Point 6.4 before devfix1, 6.4.1.3 before devfix1, 6.5.1 before devfix1, 6.5.2 before devfix4, 6.5.2.3 before devfix9, 6.6 before devfix5, 6.6.0.1 before devfix2, and 6.6.1 allows remote attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2013-5398."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el Websrvice Axis Gateway en IBM Rational Focal Point 6.4 anteriores a devfix1, 6.4.1.3 anteriores a devix1, 6.5.1 antreriores a devfix1, 6.5.2 anteriores a devfix4, 6.4.2.3 anteriores a devfix9, 6.6 anteriores a devfix5, 6.6.0.1 anteriores a devfix2, y 6.6.1, permite a atacantes remotos sortear restricciones de acceso intencionadas y obtener informaci\u00f3n sensible a trav\u00e9s de vectores no especificados, una vulnerabilidad diferente a CVE-2013-5398."}], "lastModified": "2017-08-29T01:33:45.373", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:rational_focal_point:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46577E1B-77E6-4FE6-8B1F-F2A61FB0C15F"}, {"criteria": "cpe:2.3:a:ibm:rational_focal_point:6.4.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B52DB62D-5D12-4AE4-8A14-EA2782A92CA2"}, {"criteria": "cpe:2.3:a:ibm:rational_focal_point:6.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5BF5FBBF-750D-49FF-97E8-91E9D29D53DA"}, {"criteria": "cpe:2.3:a:ibm:rational_focal_point:6.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD4F5963-909C-404E-AF58-885DBBC78FB2"}, {"criteria": "cpe:2.3:a:ibm:rational_focal_point:6.5.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A872F738-296B-443F-B6E1-5B8200A05270"}, {"criteria": "cpe:2.3:a:ibm:rational_focal_point:6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDD57F9E-5569-4F38-8C1B-BF033498639E"}, {"criteria": "cpe:2.3:a:ibm:rational_focal_point:6.6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "794382A6-042F-4036-B7DA-702135B1BE51"}, {"criteria": "cpe:2.3:a:ibm:rational_focal_point:6.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "605E2334-1A3E-417B-B351-E83496A560BE"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}