CVE-2013-6723 — IBM Websphere Portal vulnerability

CWE-2643 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 41.83%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Portal

Timeline

PublishedDec 22

Latest updateMay 17

Description

IBM WebSphere Portal 8.0.0.1 before CF09 does not properly handle references in compute="always" Web Content Manager (WCM) navigator components, which allows remote attackers to obtain sensitive component information via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/websphere_portal8.0.0.1

Patches

Patch: www-01.ibm.com ↗Patch: www-01.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-5chj-rpxx-3q92: IBM WebSphere Portal 8↗2022-05-17

▶

CVEList

CVE-2013-6723: IBM WebSphere Portal 8↗2013-12-22

▶