CVE-2013-6735 (GCVE-0-2013-6735)
Vulnerability from cvelistv5
Published
2013-12-22 15:00
Modified
2024-08-06 17:46
Severity ?
CWE
  • n/a
Summary
IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL.
References
psirt@us.ibm.com http://osvdb.org/101255
psirt@us.ibm.com http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html Exploit, Third Party Advisory, VDB Entry
psirt@us.ibm.com http://secunia.com/advisories/56161
psirt@us.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777 Not Applicable
psirt@us.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21660289 Patch, Vendor Advisory
psirt@us.ibm.com http://www.securityfocus.com/archive/1/530552/100/0/threaded
psirt@us.ibm.com http://www.securityfocus.com/bid/64496 Third Party Advisory, VDB Entry
psirt@us.ibm.com http://www.securitytracker.com/id/1029539 Third Party Advisory, VDB Entry
psirt@us.ibm.com https://exchange.xforce.ibmcloud.com/vulnerabilities/89591
psirt@us.ibm.com https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735 Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://osvdb.org/101255
af854a3a-2127-422b-91ae-364da2661108 http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://secunia.com/advisories/56161
af854a3a-2127-422b-91ae-364da2661108 http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777 Not Applicable
af854a3a-2127-422b-91ae-364da2661108 http://www-01.ibm.com/support/docview.wss?uid=swg21660289 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/archive/1/530552/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108 http://www.securityfocus.com/bid/64496 Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 http://www.securitytracker.com/id/1029539 Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108 https://exchange.xforce.ibmcloud.com/vulnerabilities/89591
af854a3a-2127-422b-91ae-364da2661108 https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735 Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:46:22.701Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "56161",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56161"
          },
          {
            "name": "20131227 SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/530552/100/0/threaded"
          },
          {
            "name": "64496",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/64496"
          },
          {
            "name": "ibm-wsportal-cve20136735-jcr(89591)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89591"
          },
          {
            "name": "101255",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/101255"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660289"
          },
          {
            "name": "PI07777",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735"
          },
          {
            "name": "1029539",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029539"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-12-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "56161",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56161"
        },
        {
          "name": "20131227 SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/530552/100/0/threaded"
        },
        {
          "name": "64496",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/64496"
        },
        {
          "name": "ibm-wsportal-cve20136735-jcr(89591)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89591"
        },
        {
          "name": "101255",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/101255"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660289"
        },
        {
          "name": "PI07777",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735"
        },
        {
          "name": "1029539",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029539"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-6735",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "56161",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56161"
            },
            {
              "name": "20131227 SEC Consult SA-20131227-0 :: IBM Web Content Manager (WCM) XPath Injection",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/530552/100/0/threaded"
            },
            {
              "name": "64496",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/64496"
            },
            {
              "name": "ibm-wsportal-cve20136735-jcr(89591)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/89591"
            },
            {
              "name": "101255",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/101255"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21660289",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660289"
            },
            {
              "name": "PI07777",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777"
            },
            {
              "name": "https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735",
              "refsource": "CONFIRM",
              "url": "https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735"
            },
            {
              "name": "1029539",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029539"
            },
            {
              "name": "http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-6735",
    "datePublished": "2013-12-22T15:00:00",
    "dateReserved": "2013-11-08T00:00:00",
    "dateUpdated": "2024-08-06T17:46:22.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-6735\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2013-12-22T15:16:04.443\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL.\"},{\"lang\":\"es\",\"value\":\"IBM Websphere Portal 6.0.0.x hasta 6.0.0.1, 6.0.1.x hasta 6.0.1.7, 6.1.0.x hasta 6.1.0.6 CF27, 6.1.5.x hasta 6.1.5.3 CF27, 7.0.0.x hasta 7.0.0.2 CF26, y 8.0.0.x hasta 8.0.0.1 CF08 permite a atacantes remotos obtener informaci\u00f3n Java Content Repository (JCR) sensile a trav\u00e9s de una URL Web Content Manager (WCM) modificada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C753E1B-D81B-4995-877E-58EDD6F49DDB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D54D4DB-FA55-47AE-9E19-FB8368FD40C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"092F8012-A1EE-46CE-B2B2-0604BF4ACBBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9FC6A48A-E669-4AA0-AD83-85778A7B6C67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F8C5AD9-2086-4131-A03C-02A89D822080\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82FC2F98-1E99-4B50-88D5-7A2904F4585C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B7F74AC-2B5E-4B6C-9551-576A4F312BBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC51FA38-1C63-47F5-A4CF-1128396B62C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBCCA8DE-50EF-4154-AF48-A8E1AA2659B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF550E47-49FB-4EBC-83E7-4CFCB7279FEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E618064A-3D05-4DC6-9A47-0EDF2427642F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DE74154-3E79-4D56-96C4-D8E644F1419D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA915826-5D89-43E9-83E7-88973648302A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5DB29F4-59AB-439C-91C4-CDF677676C26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D6CA922-11EF-4315-A09A-B4A8937E4CF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"526738D7-1AF8-4A8F-B833-BA0E35973A3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13D6BE9C-16FD-4FB4-8A87-56B42C246316\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3F1964FC-672F-4139-938F-A8EF9D86D9C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5B50CEA-AFC4-4B45-9954-519965237FC3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0902AC0F-EA4D-4E65-A70A-15DE9B904B35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:6.1.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D808F95D-C6BD-43EB-B16C-66449977BCFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D303B0B9-CDAB-409B-AE44-512D4791C36F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6ECEE98-B276-4ED6-AA5A-109EA57E9925\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:7.0.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E4FF84B-A17F-464B-A718-67C44D2C69BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C90EF7A4-8181-42C3-BB95-395D0DD94C14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F40E0F5-B964-4BDC-828E-7571619F7C5B\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/101255\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://secunia.com/advisories/56161\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21660289\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/530552/100/0/threaded\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www.securityfocus.com/bid/64496\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029539\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/89591\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://osvdb.org/101255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://secunia.com/advisories/56161\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Not Applicable\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=swg21660289\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/530552/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/64496\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1029539\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/89591\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.