IBM » Spss Collaboration And Deployment Services : Security Vulnerabilities, CVEs, Published In 2013 (Information Leak)
The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to discover an internal password via unspecified vectors.
Max CVSS
5.0
EPSS Score
0.29%
Published
2013-12-21
Updated
2017-08-29
The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Max CVSS
5.0
EPSS Score
0.29%
Published
2013-12-21
Updated
2017-08-29
IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote authenticated users to read application log files via a direct HTTP request.
Max CVSS
4.0
EPSS Score
0.12%
Published
2013-12-21
Updated
2017-08-29
3 vulnerabilities found