Vulnerability Description
The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Websphere Datapower Xc10 Appliance | - |
| Ibm | Websphere Datapower Xc10 Appliance Firmware | 2.1.0.0 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC93164
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC96617
- http://www.ibm.com/support/docview.wss?uid=swg21653546Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87910
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC93164
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC96617
- http://www.ibm.com/support/docview.wss?uid=swg21653546Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87910
FAQ
What is CVE-2013-5446?
CVE-2013-5446 is a vulnerability with a CVSS score of 10.0 (HIGH). The console on IBM WebSphere DataPower XC10 appliances 2.1.0 and 2.5.0 does not properly process logoff actions, which has unspecified impact and remote attack vectors.
How severe is CVE-2013-5446?
CVE-2013-5446 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5446?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Websphere Datapower Xc10 Appliance, Ibm Websphere Datapower Xc10 Appliance Firmware.