CVE-2013-3993

IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified API calls.

Published: Jul 7, 2014
Updated: Jun 29, 2024
CVE: CVE-2013-3993
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:P/I:N/A:N

CWEs:

CWE-22
CWE-264

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
ibm / infosphere_biginsights	-	2.1.0.3

http://secunia.com/advisories/59676
http://www-01.ibm.com/support/docview.wss?uid=swg21677445
http://www.securityfocus.com/bid/68449
https://exchange.xforce.ibmcloud.com/vulnerabilities/84982

Vulnerability Database

289,784

CVE-2013-3993