Ibm: >> Platform Symphony >> 5.2 Security Vulnerabilities
An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors.
CVSS Score
10.0
EPSS Score
0.036
Published
2014-02-14
IBM Platform Symphony 5.2 before build 229037 and 6.1.0.1 before build 229073 uses the same credentials encryption key across different customers' installations, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging knowledge of this key.
CVSS Score
4.3
EPSS Score
0.001
Published
2014-01-21
Buffer overflow in IBM Platform Symphony 5.2, 6.1, and 6.1.1 allows remote attackers to cause a denial of service (process crash or hang) via a malformed SOAP request with a large amount of request data.
CVSS Score
4.3
EPSS Score
0.007
Published
2013-11-06