Ibm Spss Collaboration And Deployment Services vulnerabilities

8 known vulnerabilities affecting ibm/spss_collaboration_and_deployment_services.

Total CVEs
8
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2MEDIUM6

Vulnerabilities

Page 1 of 1
CVE-2013-4043MEDIUMCVSS 5.0v4.1.1.1v4.1.1.2+11 more2014-02-01
CVE-2013-4043 [MEDIUM] CWE-200 CVE-2013-4043: The server in IBM SPSS Collaboration and Deployment Services 4.x before 4.2.1.3 IF3, 5.x before 5.0 The server in IBM SPSS Collaboration and Deployment Services 4.x before 4.2.1.3 IF3, 5.x before 5.0 FP3, and 6.x before 6.0 IF1 allows remote attackers to read arbitrary files via an unspecified HTTP request.
nvd
CVE-2013-4044MEDIUMCVSS 4.0v4.2.1v4.2.1.1+5 more2013-12-21
CVE-2013-4044 [MEDIUM] CWE-200 CVE-2013-4044: IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows re IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote authenticated users to read application log files via a direct HTTP request.
nvd
CVE-2013-4046MEDIUMCVSS 5.8v4.2.1v4.2.1.1+5 more2013-12-21
CVE-2013-4046 [MEDIUM] CWE-20 CVE-2013-4046: Open redirect vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 I Open redirect vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
nvd
CVE-2013-4070MEDIUMCVSS 5.0v4.2.1v4.2.1.1+5 more2013-12-21
CVE-2013-4070 [MEDIUM] CWE-200 CVE-2013-4070: The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 an The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to discover an internal password via unspecified vectors.
nvd
CVE-2013-4069MEDIUMCVSS 5.0v4.2.1v4.2.1.1+5 more2013-12-21
CVE-2013-4069 [MEDIUM] CWE-200 CVE-2013-4069: The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 an The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
nvd
CVE-2013-4045MEDIUMCVSS 4.3v4.2.1v4.2.1.1+5 more2013-12-21
CVE-2013-4045 [MEDIUM] CWE-79 CVE-2013-4045: Cross-site scripting (XSS) vulnerability in the Portal application in IBM SPSS Collaboration and Dep Cross-site scripting (XSS) vulnerability in the Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
nvd
CVE-2013-4042CRITICALCVSS 10.0v4.2.1v5.0.0+2 more2013-10-01
CVE-2013-4042 [CRITICAL] CVE-2013-4042: Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-5370.
nvd
CVE-2013-5370CRITICALCVSS 10.0v4.2.1v5.0.0+2 more2013-10-01
CVE-2013-5370 [CRITICAL] CVE-2013-5370: Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-4042.
nvd