CVE-2013-6332 — HIGH (8.5) — White Hats Nepal

Vulnerability Description

Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 through 5.0.0 allows remote authenticated users to execute arbitrary code by uploading a .jsp file and then launching it.

CVSS Score

8.5

HIGH

AV:N/AC:M/Au:S/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Ibm	Algo One	4.7.0

References

http://www.ibm.com/support/docview.wss?uid=swg21663820Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/89023
http://www.ibm.com/support/docview.wss?uid=swg21663820Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/89023

FAQ

What is CVE-2013-6332?

CVE-2013-6332 is a vulnerability with a CVSS score of 8.5 (HIGH). Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 through 5.0.0 allows remote authenticated users to execute arbitrary code by uploading a .jsp file and then launching it.

How severe is CVE-2013-6332?

CVE-2013-6332 has been rated HIGH with a CVSS base score of 8.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-6332?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Algo One.