Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-6304

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2013-6304
Last Modified 29 Apr 2015 09:59:27
Published 06 Mar 2014 06:55:05
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2013-6304

Summary

Multiple directory traversal vulnerabilities in Algo Risk Application (ARA) 2.4.0.1 through 4.9.1 in IBM Algo One allow remote authenticated users to bypass intended access restrictions via a crafted pathname for a (1) configuration or (2) JAR file.

Vulnerable Systems

Application

  • Ibm Algo One 4.9.1

  • Ibm Algo Risk Application 2.4.0.1

  • Ibm Algo Risk Application 2.4.1

  • Ibm Algo Risk Application 2.4.2

  • Ibm Algo Risk Application 2.5.0

  • Ibm Algo Risk Application 2.5.1

  • Ibm Algo Risk Application 2.5.2

  • Ibm Algo Risk Application 2.5.3

  • Ibm Algo Risk Application 2.5.4

  • Ibm Algo Risk Application 2.5.5

  • Ibm Algo Risk Application 2.5.5.2

  • Ibm Algo Risk Application 2.5.6

  • Ibm Algo Risk Application 2.5.7.1

  • Ibm Algo Risk Application 2.5.7.2

  • Ibm Algo Risk Application 2.5.8

  • Ibm Algo Risk Application 4.5.1

  • Ibm Algo Risk Application 4.5.2

  • Ibm Algo Risk Application 4.5.3

  • Ibm Algo Risk Application 4.5.4

  • Ibm Algo Risk Application 4.6.0

  • Ibm Algo Risk Application 4.6.1

  • Ibm Algo Risk Application 4.7.0

  • Ibm Algo Risk Application 4.7.1

  • Ibm Algo Risk Application 4.8.0

  • Ibm Algo Risk Application 4.9.0

  • Ibm Algo Risk Application 4.9.1


References

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21666093

XF - ibm-algo-cve20136304-dir-traversal(88535)

BID - 65929


Last Updated: 27 May 2016 11:08:36