CVE-2013-3040
published 2013-08-16CVE-2013-3040: IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure messages indicating whether the username or password is…
medium5CVSS 3.1
AVNACLAuNCPINAN
IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 produces login-failure messages indicating whether the username or password is incorrect, which allows remote attackers to enumerate user accounts via a brute-force attack.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | infosphere_information_server | — | — |
| ibm | infosphere_information_server | — | — |
| ibm | infosphere_information_server | — | — |
| ibm | infosphere_information_server | — | — |
| ibm | infosphere_information_server | — | — |
| ibm | infosphere_information_server | — | — |
| ibm | infosphere_information_server | — | — |
| ibm | infosphere_information_server | — | — |