Vulnerability Details CVE-2013-3993
IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified API calls.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.132
EPSS Ranking 93.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.5
Proposed Action
Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, modify, or delete data.
Ransomware Campaign
Known
References
- http://secunia.com/advisories/59676
- http://www-01.ibm.com/support/docview.wss?uid=swg21677445
- http://www.securityfocus.com/bid/68449
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84982
- http://secunia.com/advisories/59676
- http://www-01.ibm.com/support/docview.wss?uid=swg21677445
- http://www.securityfocus.com/bid/68449
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84982
Products affected by CVE-2013-3993
-
cpe:2.3:a:ibm:infosphere_biginsights:1.1.0.0
-
cpe:2.3:a:ibm:infosphere_biginsights:1.1.0.1
-
cpe:2.3:a:ibm:infosphere_biginsights:1.1.0.2
-
cpe:2.3:a:ibm:infosphere_biginsights:1.2.0.0
-
cpe:2.3:a:ibm:infosphere_biginsights:1.3.0.0
-
cpe:2.3:a:ibm:infosphere_biginsights:1.3.0.1
-
cpe:2.3:a:ibm:infosphere_biginsights:1.4.0.0
-
cpe:2.3:a:ibm:infosphere_biginsights:2.0.0.0
-
cpe:2.3:a:ibm:infosphere_biginsights:2.1.0.0
-
cpe:2.3:a:ibm:infosphere_biginsights:2.1.0.1
-
cpe:2.3:a:ibm:infosphere_biginsights:2.1.0.2