PT-2014-3088 · Ibm · Algo Security Access Control Management+3

Published

2014-03-05

Updated

2017-08-29

CVE-2013-6319

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions IBM Algo One versions 4.7.0 through 5.0.0 ACSWeb in Algo Security Access Control Management versions 4.7.0 through 4.9.0 ACSWeb in AlgoWebApps version 5.0.0

Description The issue allows remote authenticated users to bypass intended access restrictions and read content.

Recommendations For IBM Algo One versions 4.7.0 through 5.0.0, update to a version that addresses the access restriction bypass issue. For ACSWeb in Algo Security Access Control Management versions 4.7.0 through 4.9.0, update to a version that addresses the access restriction bypass issue. For ACSWeb in AlgoWebApps version 5.0.0, update to a version that addresses the access restriction bypass issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2013-6319

Affected Products

Acsweb

Algo Security Access Control Management

Algowebapps

Ibm Algo One

PT-2014-3088 · Ibm · Algo Security Access Control Management+3

CVE-2013-6319

Weakness Enumeration

Related Identifiers

Affected Products

References · 3