CVE-2013-3996

CWE-20Improper Input Validation3 documents3 sources
Severity
4.9MEDIUM
EPSS
0.2%
top 52.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Infosphere Biginsights
Timeline
PublishedAug 6
Latest updateMay 17

Description

IBM InfoSphere BigInsights 1.1 through 2.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing attacks via a crafted web site.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 6.8 | Impact: 4.9

Affected Packages1 packages

NVDibm/infosphere_biginsights9 versions+8

🔴Vulnerability Details

2
GHSA
GHSA-jgwq-qjm7-cj36: IBM InfoSphere BigInsights 12022-05-17
CVEList
CVE-2013-3996: IBM InfoSphere BigInsights 12013-08-05