PT-2013-4816 · Ibm · Ibm Spss Analytical Decision Management

Published

2013-09-16

Updated

2017-08-29

CVE-2013-4049

CVSS v2.0

8.5

High

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM SPSS Analytical Decision Management versions 6.1 through 6.1 before IF1 IBM SPSS Analytical Decision Management versions 6.2 through 6.2 before IF1 IBM SPSS Analytical Decision Management versions 7.0 through 7.0 before FP1 IF6

Description The issue allows remote authenticated users to execute arbitrary code by uploading and accessing a JSP file, due to an unrestricted file upload vulnerability.

Recommendations For IBM SPSS Analytical Decision Management versions 6.1 through 6.1 before IF1, apply the IF1 patch to resolve the issue. For IBM SPSS Analytical Decision Management versions 6.2 through 6.2 before IF1, apply the IF1 patch to resolve the issue. For IBM SPSS Analytical Decision Management versions 7.0 through 7.0 before FP1 IF6, apply the FP1 IF6 patch to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-4049

Affected Products

Ibm Spss Analytical Decision Management

PT-2013-4816 · Ibm · Ibm Spss Analytical Decision Management

CVE-2013-4049

Related Identifiers

Affected Products

References · 3