CVE-2013-0578
Published May 10, 2013
Last updated 7 years ago
Overview
- Description
- The Sterling Order Management APIs in IBM Sterling Multi-Channel Fulfillment Solution 8.0 before HF128 and IBM Sterling Selling and Fulfillment Foundation 8.5 before HF93, 9.0 before HF73, 9.1.0 before FP45, and 9.2.0 before FP17, when the API tester is enabled, do not require administrative credentials, which allows remote authenticated users to obtain sensitive database information via a request to the API tester URI.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-287
Evaluator
- Comment
- Per: http://www-01.ibm.com/support/docview.wss?uid=swg21636034 'AFFECTED PRODUCTS AND VERSIONS: IBM Sterling Selling and Fulfillment Foundation 9.2.0 IBM Sterling Selling and Fulfillment Foundation 9.1.0 IBM Sterling Selling and Fulfillment Foundation 9.0 IBM Sterling Selling and Fulfillment Foundation 8.5 IBM Sterling Multi-Channel Fulfillment Solution 8.0'
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sterling_multi-channel_fulfillment_solution:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "019E1589-F72C-4024-9EF2-37B9CB54FDE6"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F67E9BBD-95B4-46E5-A980-72BFDFDAF9B6"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCAA2413-4055-4121-AEDE-E6F97428D351"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F5029B7-9CE0-44B2-A12D-6D51A04B1C4A"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "398EC0D4-2273-4C5E-BD60-273E2EA10055"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2992C75-CC4B-40D2-A107-527A4BD3BEC2"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86997623-ED4B-44CD-A74A-E31D136A395B"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C81F34C2-FDDE-4DEB-B3B6-7B50299F68C7"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E5B6C9C-2963-441D-844E-F1BBE103E6F6"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7436A337-88FD-4F97-8957-D6CD5319CB96"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9732B9B2-378E-4142-942B-2E792B00F2F2"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26F7A5AF-191F-47A3-8E62-D41B6E8F34FF"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AC359F7-6BDF-4427-AFDB-E36CC2A85CDE"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6A235E8-9231-46DD-9699-99603A14762D"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "03D9A32B-A2D7-48CF-9F0B-FB745221A246"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "565B6588-323E-4633-8C6C-5ADF4AE47FF7"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C349A3A-2883-4183-9D66-8A0D230E7C8A"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D0BFD39-20EC-4454-960A-4D75064EC961"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB8BD4C9-DA50-4D0E-8809-071FEE60A999"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.2.0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "928C51B7-0BB4-4C90-9353-9BB904F0EBAC"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "843E8EC3-1965-48FE-8FB9-A6A08BDD4C67"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2CCDCDC-671C-44E3-AAE2-46FAE57205E5"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11C7813E-424E-49F0-94C1-57740102591F"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D6E17EC-1B43-45C6-964F-9276667EEBD6"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AFAB7A62-9828-451C-8B04-5B2D3A329552"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8B278CD4-1710-419F-88EE-A48880D73B42"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC2D7CEB-7E93-4901-A400-5CD684A476E9"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC5817C2-0BBD-4F5B-8831-FC4B2C628C54"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5CB3C56B-6436-43B2-9CB2-DCEC21B4734D"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1160E6A-A2DC-4D06-922D-C6CAE3734DBD"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50CC495B-1160-4E0F-9DBC-200F940DD1B4"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F70D844-7980-4C4C-A3F6-5A8E338994E8"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72A9F9FE-FA2C-49A0-A7F3-3956AC41B058"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B431899-524C-45B7-948C-2766072768F2"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64C77E75-AF19-4D62-89CD-975BB0CB0EE8"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1140D4E1-9600-4131-AAD6-9DEAD1BF23FE"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA025552-E704-4F46-8E62-3CFD628BD025"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE726D3E-E37C-4FE2-B5E6-E2AEE3C15E3E"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6D079F7C-0BD9-4FA3-85E2-D562E8E5C0A0"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2441EA6F-98AA-4FEC-9247-6A8150CFE96E"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "052BB05B-1573-4163-9987-8177179A6871"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.21:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8385A7D3-E272-4358-8245-28E0C187054C"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.22:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F846E68-11F3-4877-8FC4-BD285789EAE8"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.23:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEC23876-C1F0-486D-B2C6-DAB21B0DDD3B"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.24:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE7A9C72-335D-4A36-A32C-A86C76FA0C23"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.25:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4235BFBA-2663-45AB-A0E1-D7FE5C161DAB"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.26:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FC43B4B-D243-4A21-BA8D-6BEC2F20C231"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.27:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "014C49DF-790C-4D12-B2B4-D6732676F325"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.28:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E6B7FCDE-16A4-4A0E-9349-F6D2D4B35FA5"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.29:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E03FBE3-021E-4D25-8426-5DF89C1382CC"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.30:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECD27C3E-1491-41CF-96E9-56A32479BEDF"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.31:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AE36402-4154-4C6F-99C6-DF5E139AA791"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.32:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E0991736-56A9-4623-AA28-A693449C92D0"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.33:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBC014E2-250E-418E-B763-34B14757B48F"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.34:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72688E67-12CA-401D-976E-C66DC6D25A25"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.35:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B71F765-1019-4B63-8D31-A01D654A186E"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.36:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CE187CA-97B0-49FA-986D-060F82E9BFA3"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.37:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7068096-9BC1-48C6-B2E6-DD5084A1DF67"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.38:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44430DAC-857A-43B9-9DBE-58AC3D3F67D6"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.39:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DDFD7AE-8FAD-4E43-9CE3-E206D9005779"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.40:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05F32344-6B36-44D6-92B1-D2A130F5A4B5"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.41:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6652468E-AFF7-4F53-A2FF-6FB5729CDCA3"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.42:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "406606D2-A04B-470C-B147-78F86F6A7823"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.43:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "14F3941F-238E-420B-9670-4F9EB47D3A46"
},
{
"criteria": "cpe:2.3:a:ibm:sterling_selling_and_fulfillment_foundation:9.1.0.44:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21D8AA80-B451-45E9-9FD3-E241777354D7"
}
],
"operator": "OR"
}
]
}
]