IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL.
References
Link | Resource |
---|---|
http://osvdb.org/101255 | |
http://packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.html | Exploit Third Party Advisory VDB Entry |
http://secunia.com/advisories/56161 | |
http://www-01.ibm.com/support/docview.wss?uid=swg1PI07777 | Not Applicable |
http://www-01.ibm.com/support/docview.wss?uid=swg21660289 | Patch Vendor Advisory |
http://www.securityfocus.com/archive/1/530552/100/0/threaded | |
http://www.securityfocus.com/bid/64496 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1029539 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/89591 | |
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: ibm
Published: 2013-12-22T15:00:00
Updated: 2018-10-09T18:57:01
Reserved: 2013-11-08T00:00:00
Link: CVE-2013-6735
JSON object: View
NVD Information
Status : Modified
Published: 2013-12-22T15:16:04.443
Modified: 2018-10-09T19:34:55.643
Link: CVE-2013-6735
JSON object: View
Redhat Information
No data.
CWE