CVE-2013-5446

EUVD-2013-5286
The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
ibmwebsphere_datapower_xc10_appliance
-
ibmwebsphere_datapower_xc10_appliance_firmware
2.1.0.0
ibmwebsphere_datapower_xc10_appliance_firmware
2.5.0.0
𝑥
= Vulnerable software versions
References
http://www-01.ibm.com/support/docview.wss?uid=swg1IC93164
http://www-01.ibm.com/support/docview.wss?uid=swg1IC96617
http://www.ibm.com/support/docview.wss?uid=swg21653546
https://exchange.xforce.ibmcloud.com/vulnerabilities/87910
http://www-01.ibm.com/support/docview.wss?uid=swg1IC93164
http://www-01.ibm.com/support/docview.wss?uid=swg1IC96617
http://www.ibm.com/support/docview.wss?uid=swg21653546
https://exchange.xforce.ibmcloud.com/vulnerabilities/87910