CVE-2013-0505

Sažetak

IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and read arbitrary XML files, via unspecified vectors.

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg1ID358571
http://www-01.ibm.com/support/docview.wss?uid=swg21631302
https://exchange.xforce.ibmcloud.com/vulnerabilities/82339

CVSS

Base:	5.5
Impact:	4.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	NONE

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:N

Zadnje važnije ažuriranje

29-08-2017 - 01:33

Objavljeno

19-03-2013 - 18:55