CVE-2013-4043

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-4043
The server in IBM SPSS Collaboration and Deployment Services 4.x before 4.2.1.3 IF3, 5.x before 5.0 FP3, and 6.x before 6.0 IF1 allows remote attackers to read arbitrary files via an unspecified HTTP request.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://www-01.ibm.com/support/docview.wss?uid=swg1PI07828
http://www-01.ibm.com/support/docview.wss?uid=swg21661169 Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/86419
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.1:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:6.0.0.0:*:*:*:*:*:*:*
Information

Published : 2014-02-01 07:55

Updated : 2017-08-28 18:33

NVD link : CVE-2013-4043

Mitre link : CVE-2013-4043

JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa
Products Affected

ibm

  • spss_collaboration_and_deployment_services