CVE-2013-4044
IBM SPSS Collaboration and Deployment Services 4.2.1-5.0 - Sensitive Information Exposure via Direct HTTP Request
Title source: llmDescription
IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote authenticated users to read application log files via a direct HTTP request.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21660191
Various Sources vendor-advisory
x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/86420
Scores
EPSS
0.0108
EPSS Percentile
61.1%
Details
CWE
CWE-200
Status
published
Products (7)
ibm/spss_collaboration_and_deployment_services
4.2.1
ibm/spss_collaboration_and_deployment_services
4.2.1.1
ibm/spss_collaboration_and_deployment_services
4.2.1.2
ibm/spss_collaboration_and_deployment_services
4.2.1.3
ibm/spss_collaboration_and_deployment_services
5.0.0
ibm/spss_collaboration_and_deployment_services
5.0.0.1
ibm/spss_collaboration_and_deployment_services
5.0.0.2
Published
Dec 21, 2013
Tracked Since
Feb 18, 2026