mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-06-19 17:31:42 +00:00
108 lines
3.3 KiB
JSON
108 lines
3.3 KiB
JSON
{
|
|
"id": "CVE-2013-5400",
|
|
"sourceIdentifier": "psirt@us.ibm.com",
|
|
"published": "2014-02-14T13:10:30.590",
|
|
"lastModified": "2024-11-21T01:57:24.930",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain \"local environment\" access via unknown vectors."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Un servlet no especificado en IBM Platform Symphony Developer Edition (DE) 5.2 y 6.1.x hasta 6.1.1 tiene las credenciales embebidas, lo que permite a atacantes remotos evadir la autenticaci\u00f3n y obtener acceso al \"entorno local\" a trav\u00e9s de vectores desconocidos."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"baseScore": 10.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-255"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:platform_symphony:5.2:*:*:*:developer:*:*:*",
|
|
"matchCriteriaId": "EBBB2174-B82A-4129-9ADB-A8AB28833992"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:platform_symphony:6.1.0:*:*:*:developer:*:*:*",
|
|
"matchCriteriaId": "74818384-5D69-4832-933E-1376928D3774"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:platform_symphony:6.1.1:*:*:*:developer:*:*:*",
|
|
"matchCriteriaId": "FFA668AD-763A-4AC1-A6C2-AACB872A5EF4"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020564",
|
|
"source": "psirt@us.ibm.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87296",
|
|
"source": "psirt@us.ibm.com"
|
|
},
|
|
{
|
|
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020564",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87296",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |