Vulnerability Details : CVE-2013-4039
IBM WebSphere Extended Deployment Compute Grid 8.0 before 8.0.0.3 allows remote authenticated users to obtain sensitive information, and consequently bypass intended access restrictions on jobs, via unspecified vectors.
Vulnerability category: Information leak
Products affected by CVE-2013-4039
- cpe:2.3:a:ibm:websphere_extended_deployment_compute_grid:*:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_extended_deployment_compute_grid:8.5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_extended_deployment_compute_grid:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_extended_deployment_compute_grid:8.0.0.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-4039
0.16%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 53 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-4039
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:N/A:N |
8.0
|
2.9
|
NIST |
CWE ids for CVE-2013-4039
-
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4039
-
http://www-01.ibm.com/support/docview.wss?uid=swg21669554
IBM Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.2Vendor Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg1PM84760
IBM notice: The page you requested cannot be displayed
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/86175
IBM WebSphere Extended Deployment Compute Grid information disclosure CVE-2013-4039 Vulnerability Report
-
http://www-01.ibm.com/support/docview.wss?uid=swg21647485
IBM Security Bulletin: IBM WebSphere Extended Deployment Compute Grid Vulnerability (CVE-2013-4039)Vendor Advisory
-
http://www.securityfocus.com/bid/61992
IBM WebSphere Extended Deployment Compute Grid CVE-2013-4039 Information Disclosure Vulnerability
Jump to