CVE-2013-6730

Name of the Vulnerable Software and Affected Versions IBM WebSphere Portal versions 6.1.0.x through 6.1.0.6 CF27 IBM WebSphere Portal versions 6.1.5.x through 6.1.5.3 CF27 IBM WebSphere Portal versions 7.0.0.x before 7.0.0.2 CF27 IBM WebSphere Portal versions 8.0.0.x before 8.0.0.1 CF10

Description The issue allows remote attackers to bypass intended read restrictions on an item by accessing that item within search results when the wcm.path.traversal.security setting is enabled.

Recommendations For versions 6.1.0.x through 6.1.0.6 CF27, update to a version after 6.1.0.6 CF27. For versions 6.1.5.x through 6.1.5.3 CF27, update to a version after 6.1.5.3 CF27. For versions 7.0.0.x before 7.0.0.2 CF27, update to version 7.0.0.2 CF27 or later. For versions 8.0.0.x before 8.0.0.1 CF10, update to version 8.0.0.1 CF10 or later.