CVE-2013-4049

Name of the Vulnerable Software and Affected Versions IBM SPSS Analytical Decision Management versions 6.1 through 6.1 before IF1 IBM SPSS Analytical Decision Management versions 6.2 through 6.2 before IF1 IBM SPSS Analytical Decision Management versions 7.0 through 7.0 before FP1 IF6

Description The issue allows remote authenticated users to execute arbitrary code by uploading and accessing a JSP file, due to an unrestricted file upload vulnerability.

Recommendations For IBM SPSS Analytical Decision Management versions 6.1 through 6.1 before IF1, apply the IF1 patch to resolve the issue. For IBM SPSS Analytical Decision Management versions 6.2 through 6.2 before IF1, apply the IF1 patch to resolve the issue. For IBM SPSS Analytical Decision Management versions 7.0 through 7.0 before FP1 IF6, apply the FP1 IF6 patch to resolve the issue.