CVE-2013-5400IBM Platform Symphony vulnerability

CWE-2553 documents3 sources
Severity
10.0CRITICALNVD
EPSS
2.4%
top 15.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Platform Symphony
Timeline
PublishedFeb 14
Latest updateMay 17

Description

An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDibm/platform_symphony5.2, 6.1.0, 6.1.1+2

🔴Vulnerability Details

2
GHSA
GHSA-rhgm-h7g3-664f: An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 52022-05-17
CVEList
CVE-2013-5400: An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 52014-02-14
CVE-2013-5400 — IBM Platform Symphony vulnerability | cvebase