Vulnerability CVE-2013-5433
Published: 2014-08-11   Modified: 2014-08-12

Description:
The Data Growth Solution for JD Edwards EnterpriseOne in IBM InfoSphere Optim 3.0 through 9.1 has hardcoded database credentials, which allows remote authenticated users to obtain sensitive information by reading an unspecified field in an XML document.

Type:

CWE-255

 (Credentials Management)

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
IBM -> Infosphere optim data growth solution for siebel crm 

 References:
http://www-01.ibm.com/support/docview.wss?uid=swg21680575
http://xforce.iss.net/xforce/xfdb/87639
Copyright 2024, cxsecurity.com

 

Back to Top