Vulnerability Details CVE-2013-5454
IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 75.7%
CVSS Severity
CVSS v2 Score 4.3
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM99205
- http://www-01.ibm.com/support/docview.wss?uid=swg21655656
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88253
- http://www-01.ibm.com/support/docview.wss?uid=swg1PM99205
- http://www-01.ibm.com/support/docview.wss?uid=swg21655656
- https://exchange.xforce.ibmcloud.com/vulnerabilities/88253
Products affected by CVE-2013-5454
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:6.0.0.1
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.0
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.1
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.2
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.3
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.4
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.5
-
cpe:2.3:a:ibm:websphere_portal:6.0.1.6
-
cpe:2.3:a:ibm:websphere_portal:6.1
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.0
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.1
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.2
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.3
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.4
-
cpe:2.3:a:ibm:websphere_portal:6.1.0.5
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.0
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.1
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.2
-
cpe:2.3:a:ibm:websphere_portal:6.1.5.3
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.1
-
cpe:2.3:a:ibm:websphere_portal:7.0.0.2
-
cpe:2.3:a:ibm:websphere_portal:8.0
-
cpe:2.3:a:ibm:websphere_portal:8.0.0.0
-
cpe:2.3:a:ibm:websphere_portal:8.0.0.1