CVE-2013-4043

IBM SPSS Collaboration and Deployment Services 4.x-4.2.1.2, 5.x-5.0 FP2, 6.x-6.0 - Unauthenticated Arbitrary File Read

Title source: llm
STIX 2.1

Description

The server in IBM SPSS Collaboration and Deployment Services 4.x before 4.2.1.3 IF3, 5.x before 5.0 FP3, and 6.x before 6.0 IF1 allows remote attackers to read arbitrary files via an unspecified HTTP request.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/86419
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PI07828
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21661169

Scores

EPSS 0.0135
EPSS Percentile 68.2%

Details

CWE
CWE-200
Status published
Products (13)
ibm/spss_collaboration_and_deployment_services 4.1.1.1
ibm/spss_collaboration_and_deployment_services 4.1.1.2
ibm/spss_collaboration_and_deployment_services 4.1.1.3
ibm/spss_collaboration_and_deployment_services 4.2.1
ibm/spss_collaboration_and_deployment_services 4.2.1.1
ibm/spss_collaboration_and_deployment_services 4.2.1.2
ibm/spss_collaboration_and_deployment_services 4.2.1.3
ibm/spss_collaboration_and_deployment_services 5.0.0
ibm/spss_collaboration_and_deployment_services 5.0.0.1
ibm/spss_collaboration_and_deployment_services 5.0.0.2
... and 3 more
Published Feb 01, 2014
Tracked Since Feb 18, 2026