CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-2951

IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 2.1

References

http://www-01.ibm.com/support/docview.wss?uid=swg21642097
https://exchange.xforce.ibmcloud.com/vulnerabilities/83621
http://www-01.ibm.com/support/docview.wss?uid=swg21642097
https://exchange.xforce.ibmcloud.com/vulnerabilities/83621

Products affected by CVE-2013-2951

Ibm » Websphere Portal » Version: 7.0.0.0

cpe:2.3:a:ibm:websphere_portal:7.0.0.0
Ibm » Websphere Portal » Version: 7.0.0.1

cpe:2.3:a:ibm:websphere_portal:7.0.0.1
Ibm » Websphere Portal » Version: 7.0.0.2

cpe:2.3:a:ibm:websphere_portal:7.0.0.2
Ibm » Websphere Portal » Version: 8.0.0.0

cpe:2.3:a:ibm:websphere_portal:8.0.0.0
Ibm » Websphere Portal » Version: 8.0.0.1

cpe:2.3:a:ibm:websphere_portal:8.0.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-2951

Products

Pricing

Contact Us