Vulnerability Description
IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and read arbitrary XML files, via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Sterling Multi-Channel Fulfillment Solution | 8.0 |
| Ibm | Sterling Selling And Fulfillment Foundation | 8.5 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1ID358571
- http://www-01.ibm.com/support/docview.wss?uid=swg21631302Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82339
- http://www-01.ibm.com/support/docview.wss?uid=swg1ID358571
- http://www-01.ibm.com/support/docview.wss?uid=swg21631302Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/82339
FAQ
What is CVE-2013-0505?
CVE-2013-0505 is a vulnerability with a CVSS score of 5.5 (MEDIUM). IBM Sterling Order Management 8.0 before HF127, 8.5 before HF89, 9.0 before HF69, 9.1.0 before FP41, and 9.2.0 before FP13 allows remote authenticated users to conduct XPath injection attacks, and rea...
How severe is CVE-2013-0505?
CVE-2013-0505 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-0505?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Sterling Multi-Channel Fulfillment Solution, Ibm Sterling Selling And Fulfillment Foundation.