CVE-2013-6730 — IBM Websphere Portal vulnerability

CWE-2644 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.2%

top 59.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Websphere Portal

Timeline

PublishedMar 4

Latest updateMay 17

Description

IBM WebSphere Portal 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x before 7.0.0.2 CF27, and 8.0.0.x before 8.0.0.1 CF10, when the wcm.path.traversal.security setting is enabled, allows remote attackers to bypass intended read restrictions on an item by accessing that item within search results.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/websphere_portal16 versions+15

🔴Vulnerability Details

GHSA

GHSA-28pf-wwvx-8jx3: IBM WebSphere Portal 6↗2022-05-17

▶

CVEList

CVE-2013-6730: IBM WebSphere Portal 6↗2014-03-04

▶

💬Community

Bugzilla

CVE-2013-7444 CVE-2015-6737 CVE-2015-6736 CVE-2015-6727 CVE-2015-6733 CVE-2015-6732 CVE-2015-6731 CVE-2015-6730 CVE-2015-6728 CVE-2015-6729 CVE-2015-6735 CVE-2015-6734 mediawiki: multiple security fix↗2015-08-13

▶