CVE-2013-4067

EUVD-2013-3998
IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to hijack sessions and read cookie values, or conduct phishing attacks to capture credentials, via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 47%
Affected Products (NVD)
VendorProductVersion
ibminfosphere_information_server
8.0
ibminfosphere_information_server
8.1
ibminfosphere_information_server
8.5
ibminfosphere_information_server
8.5.0.1
ibminfosphere_information_server
8.5.0.2
ibminfosphere_information_server
8.5.0.3
ibminfosphere_information_server
8.7
ibminfosphere_information_server
9.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg21651343
http://www.securityfocus.com/bid/62768
https://exchange.xforce.ibmcloud.com/vulnerabilities/86598
http://www.ibm.com/support/docview.wss?uid=swg21651343
http://www.securityfocus.com/bid/62768
https://exchange.xforce.ibmcloud.com/vulnerabilities/86598