Vulnerability Description
IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x store unspecified authentication information in a cookie, which allows remote authenticated users to bypass intended access restrictions via unknown vectors.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Data Studio Web Console | 3.1.0 |
| Ibm | Db2 Recovery Expert | 2.0 |
| Ibm | Infosphere Optim Configuration Manager | 2.0 |
| Ibm | Optim Performance Manager | 5.1.0 |
Related Weaknesses (CWE)
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21650504Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85928
- http://www-01.ibm.com/support/docview.wss?uid=swg21650504Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85928
FAQ
What is CVE-2013-4022?
CVE-2013-4022 is a vulnerability with a CVSS score of 3.5 (LOW). IBM Data Studio Web Console 3.x before 3.2, Optim Performance Manager 5.x before 5.2, InfoSphere Optim Configuration Manager 2.x before 2.2, and DB2 Recovery Expert 2.x store unspecified authenticatio...
How severe is CVE-2013-4022?
CVE-2013-4022 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4022?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Data Studio Web Console, Ibm Db2 Recovery Expert, Ibm Infosphere Optim Configuration Manager, Ibm Optim Performance Manager.