CVE-2013-3993

MEDIUM KEV RANSOMWARE

IBM Infosphere Biginsights < 2.1.0.3 - Path Traversal

Title source: rule

Description

IBM InfoSphere BigInsights before 2.1.0.3 allows remote authenticated users to bypass intended file and directory restrictions, or access untrusted data or code, via crafted parameters in unspecified API calls.

References (5)

[Broken Link] http://secunia.com/advisories/59676

[Broken Link, Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21677445

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/68449

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/84982

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-3993

Scores

CVSS v3 6.5

EPSS 0.2105

EPSS Percentile 95.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitation Intel

CISA KEV 2022-05-25

VulnCheck KEV 2022-01-26

InTheWild.io 2022-05-25

ENISA EUVD EUVD-2013-3925

Ransomware Use Confirmed

Classification

CWE

CWE-22

Status draft

Affected Products (1)

ibm/infosphere_biginsights < 2.1.0.3

Timeline

Published Jul 07, 2014

KEV Added May 25, 2022

Tracked Since Feb 18, 2026