CVE-2013-5400

{"id": "CVE-2013-5400", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-02-14T13:10:30.590", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=isg3T1020564", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87296", "source": "psirt@us.ibm.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain \"local environment\" access via unknown vectors."}, {"lang": "es", "value": "Un servlet no especificado en IBM Platform Symphony Developer Edition (DE) 5.2 y 6.1.x hasta 6.1.1 tiene las credenciales embebidas, lo que permite a atacantes remotos evadir la autenticaci\u00f3n y obtener acceso al \"entorno local\" a trav\u00e9s de vectores desconocidos."}], "lastModified": "2017-08-29T01:33:45.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:platform_symphony:5.2:*:*:*:developer:*:*:*", "vulnerable": true, "matchCriteriaId": "EBBB2174-B82A-4129-9ADB-A8AB28833992"}, {"criteria": "cpe:2.3:a:ibm:platform_symphony:6.1.0:*:*:*:developer:*:*:*", "vulnerable": true, "matchCriteriaId": "74818384-5D69-4832-933E-1376928D3774"}, {"criteria": "cpe:2.3:a:ibm:platform_symphony:6.1.1:*:*:*:developer:*:*:*", "vulnerable": true, "matchCriteriaId": "FFA668AD-763A-4AC1-A6C2-AACB872A5EF4"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}