CVE-2013-0505

IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and read arbitrary XML files, via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:8.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:sterling_multi-channel_fulfillment_solution:8.0:*:*:*:*:*:*:*

Information

Published : 2013-03-19 11:55

Updated : 2017-08-28 18:33


NVD link : CVE-2013-0505

Mitre link : CVE-2013-0505


JSON object : View

CWE
CWE-20

Improper Input Validation

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

ibm

  • sterling_multi-channel_fulfillment_solution
  • sterling_selling_and_fulfillment_foundation