CVE-2013-4044

Published Dec 21, 2013

Last updated 7 years ago

Overview

Description: IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote authenticated users to read application log files via a direct HTTP request.
Source: psirt@us.ibm.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92B33DCA-ADCC-4521-9B8D-4A407FB9608E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAA2C39D-902A-442F-AA6B-62BC8C380436"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7D801CF8-F6A0-4E40-8011-AE8D5A2F5C0B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EFB0A724-CAC6-45E1-85D6-592BE4660695"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FA0641C-E2DB-4FDA-BD5F-51C7195D5389"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F050F5EC-1334-45FC-911D-75FB5B9C7244"
          },
          {
            "criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7CD574C3-DA32-4CD6-95DB-39F0CE663D6E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References