CVE-2013-6305

CWE-3103 documents3 sources
Severity
4.3MEDIUM
EPSS
0.1%
top 65.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Platform Symphony
Timeline
PublishedJan 21
Latest updateMay 17

Description

IBM Platform Symphony 5.2 before build 229037 and 6.1.0.1 before build 229073 uses the same credentials encryption key across different customers' installations, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging knowledge of this key.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDibm/platform_symphony5.2, 6.1.0.1+1

🔴Vulnerability Details

2
GHSA
GHSA-r2wp-2rgq-h6m4: IBM Platform Symphony 52022-05-17
CVEList
CVE-2013-6305: IBM Platform Symphony 52014-01-21
CVE-2013-6305 (MEDIUM CVSS 4.3) | IBM Platform Symphony 5.2 before bu | cvebase.io