CVE-2013-4006IBM Websphere Application Server vulnerability

CWE-3103 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 60.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Websphere Application Server
Timeline
PublishedNov 18
Latest updateMay 17

Description

IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.5.1 uses weak permissions for unspecified files, which allows local users to obtain sensitive information via standard filesystem operations.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-mvrj-5m9x-8628: IBM WebSphere Application Server (WAS) Liberty Profile 82022-05-17
CVEList
CVE-2013-4006: IBM WebSphere Application Server (WAS) Liberty Profile 82013-11-16
CVE-2013-4006 — IBM vulnerability | cvebase