PT-2013-5994 · Ibm · Ibm Websphere Portal

Publicado

2013-12-22

Atualizado

2017-08-29

CVE-2013-6316

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM WebSphere Portal versions 7.0.0.x through 7.0.0.2 CF25 IBM WebSphere Portal versions 8.0.0.x through 8.0.0.0 CF08

Description The issue arises from improper handling of content-selection changes during Taxonomy component rendering. This allows remote attackers to obtain sensitive property information by leveraging an error in a Web Content Manager (WCM) context processor.

Recommendations For IBM WebSphere Portal versions 7.0.0.x through 7.0.0.2 CF25, update to version 7.0.0.2 CF26 or later. For IBM WebSphere Portal versions 8.0.0.x through 8.0.0.0 CF08, update to version 8.0.0.1 CF09 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2013-6316

Produtos afetados

Ibm Websphere Portal

PT-2013-5994 · Ibm · Ibm Websphere Portal

CVE-2013-6316

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7