CVE-2013-6734

Published Feb 22, 2014

Last updated 7 years ago

CVSS info 3.5

Overview

Description: IBM WebSphere eXtreme Scale Client 7.1 through 8.6.0.4 does not properly isolate the cached data of different users, which allows remote authenticated users to obtain sensitive information in opportunistic circumstances by leveraging access to the same web container.
Source: psirt@us.ibm.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-264

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64863DB8-00A6-4EDF-A451-5FFC89594B88",
            "versionEndIncluding": "8.6.0.4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:7.0.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0E75292F-3114-4BAE-AFB2-1DF58D08F2E4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1B294AB-DC67-40AE-ABE2-F2FBD0C0457A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "508DF17B-4141-42BD-B1D3-2BFF49A95B91"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D63B6556-7631-4DEC-B74A-E00E9E95B815"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17BB04FF-DA77-429F-85B0-38F3360FB5A9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:7.1.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E85FDD6-7E95-44B7-9202-7DA706BF7F82"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "684B0290-464C-4AFE-B74C-8DF7926745D0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "34646FFE-3403-4EC0-97E8-DBFADD312374"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "26E425B9-DB4B-4E08-A665-AA4AE3FCF27E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:8.5.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB7C5438-1006-4FAB-BB71-C4D920C630CA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:8.6.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "485D6EB8-5419-45AB-A368-49897BFDBC0A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:8.6.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B9EA684D-93D4-4846-831A-4DEA42EF821E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:8.6.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB4D202E-A04E-4710-9339-554291240998"
          },
          {
            "criteria": "cpe:2.3:a:ibm:websphere_extreme_scale_client:8.6.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "813A4312-7D74-4600-B5F2-4DD158E05CFC"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References