Vulnerability Details : CVE-2013-4067
IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to hijack sessions and read cookie values, or conduct phishing attacks to capture credentials, via unspecified vectors.
Products affected by CVE-2013-4067
- cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-4067
0.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 65 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-4067
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
CWE ids for CVE-2013-4067
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4067
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/86598
IBM InfoSphere Information Server cross-site scripting CVE-2013-4067 Vulnerability Report
-
http://www.securityfocus.com/bid/62768
IBM InfoSphere Information Server CVE-2013-4067 Security Vulnerability
-
http://www.ibm.com/support/docview.wss?uid=swg21651343
IBM Security Bulletin: Multiple security vulnerabilities exist in IBM InfoSphere Information Server (CVE-2013-4066 and CVE-2013-4067)Vendor Advisory
Jump to