| |
Vulnerability CVE-2013-6734
Published: 2014-02-22 Modified: 2014-02-23
| Description: |
IBM WebSphere eXtreme Scale Client through 8.6.0 does not properly isolate the cached data of different users, which allows remote authenticated users to obtain sensitive information in opportunistic circumstances by leveraging access to the same web container. |
Type:
CWE-264 (Permissions, Privileges, and Access Controls)
CVSS2 => (AV:N/AC:M/Au:S/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
3.5/10 |
2.9/10 |
6.8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
http://www-01.ibm.com/support/docview.wss?uid=swg21664641
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
