Vulnerability Details CVE-2013-5454
IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.3%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM99205
- http://www-01.ibm.com/support/docview.wss?uid=swg21655656
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88253
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM99205
- http://www-01.ibm.com/support/docview.wss?uid=swg21655656
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88253
Products affected by CVE-2013-5454
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.1
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.0
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.1
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.2
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.3
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.4
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.5
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.6
-
cpe:2.3:a:ibm:websphere_portal:6.1
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.0
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.1
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.2
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.3
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.4
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.5
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.0
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.1
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.2
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.3
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.1
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.2
-
cpe:2.3:a:ibm:websphere_portal:8.0
-
cpe:2.3:a:ibm:websphere_portal:8.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:8.0.0.1