Vulnerability Details : CVE-2013-4067
IBM InfoSphere Information Server 8.0, 8.1, 8.5 through FP3, 8.7, and 9.1 allows remote attackers to hijack sessions and read cookie values, or conduct phishing attacks to capture credentials, via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2013-4067
Probability of exploitation activity in the next 30 days: 0.29%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 65 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-4067
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:N |
8.6
|
4.9
|
NIST |
CWE ids for CVE-2013-4067
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-4067
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/86598
IBM InfoSphere Information Server cross-site scripting CVE-2013-4067 Vulnerability Report
-
http://www.securityfocus.com/bid/62768
IBM InfoSphere Information Server CVE-2013-4067 Security Vulnerability
-
http://www.ibm.com/support/docview.wss?uid=swg21651343
IBM Security Bulletin: Multiple security vulnerabilities exist in IBM InfoSphere Information Server (CVE-2013-4066 and CVE-2013-4067)Vendor Advisory
Products affected by CVE-2013-4067
- cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_information_server:8.0:*:*:*:*:*:*:*