Vulnerability Description
Unrestricted file upload vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to execute arbitrary code by uploading and accessing a JSP file.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spss Analytical Decision Management | 6.1.0.0 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21648929Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86442
- http://www-01.ibm.com/support/docview.wss?uid=swg21648929Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86442
FAQ
What is CVE-2013-4049?
CVE-2013-4049 is a vulnerability with a CVSS score of 8.5 (HIGH). Unrestricted file upload vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to execute arbitrary code by ...
How severe is CVE-2013-4049?
CVE-2013-4049 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4049?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Spss Analytical Decision Management.