CVE-2013-6309

CWE-94 — Code Injection3 documents3 sources

Severity

6.0MEDIUM

EPSS

0.4%

top 38.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Marketing Platform

Timeline

PublishedJun 28

Latest updateMay 17

Description

IBM Marketing Platform 9.1 before FP2 allows remote authenticated users to hijack sessions, and consequently read records, modify records, or conduct transactions, via an unspecified link injection.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages1 packages

▶NVDibm/marketing_platform9.1.0.0, 9.1.0.1+1

🔴Vulnerability Details

GHSA

GHSA-253c-crvf-xgfx: IBM Marketing Platform 9↗2022-05-17

▶

CVEList

CVE-2013-6309: IBM Marketing Platform 9↗2014-06-28

▶