CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-3998

CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere BigInsights 1.1 and 2.x before 2.1 FP2 allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.3%

CVSS Severity

CVSS v2 Score 3.5

References

Products affected by CVE-2013-3998

Ibm » Infosphere Biginsights » Version: 1.1.0.0

cpe:2.3:a:ibm:infosphere_biginsights:1.1.0.0
Ibm » Infosphere Biginsights » Version: 1.1.0.1

cpe:2.3:a:ibm:infosphere_biginsights:1.1.0.1
Ibm » Infosphere Biginsights » Version: 1.1.0.2

cpe:2.3:a:ibm:infosphere_biginsights:1.1.0.2
Ibm » Infosphere Biginsights » Version: 1.2.0.0

cpe:2.3:a:ibm:infosphere_biginsights:1.2.0.0
Ibm » Infosphere Biginsights » Version: 1.3.0.0

cpe:2.3:a:ibm:infosphere_biginsights:1.3.0.0
Ibm » Infosphere Biginsights » Version: 1.3.0.1

cpe:2.3:a:ibm:infosphere_biginsights:1.3.0.1
Ibm » Infosphere Biginsights » Version: 1.4.0.0

cpe:2.3:a:ibm:infosphere_biginsights:1.4.0.0
Ibm » Infosphere Biginsights » Version: 2.0.0.0

cpe:2.3:a:ibm:infosphere_biginsights:2.0.0.0
Ibm » Infosphere Biginsights » Version: 2.1.0.0

cpe:2.3:a:ibm:infosphere_biginsights:2.1.0.0
Ibm » Infosphere Biginsights » Version: 2.1.0.1

cpe:2.3:a:ibm:infosphere_biginsights:2.1.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-3998

Products

Pricing

Contact Us