Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2013-3993

IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified API calls.

Published

2014-07-07T11:01:28.383

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:S/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

6.8

Impact Score

2.9

Weaknesses

Type: Primary
CWE-22
Type: Secondary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	infosphere_biginsights	< 2.1.0.3	Yes

References

http://secunia.com/advisories/59676 Broken Link ([email protected])
http://www-01.ibm.com/support/docview.wss?uid=swg21677445 Broken Link, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/68449 Broken Link, Third Party Advisory, VDB Entry ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/84982 Third Party Advisory, VDB Entry ([email protected])
http://secunia.com/advisories/59676 Broken Link (af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21677445 Broken Link, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/68449 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/84982 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)