CVE-2013-5454

IBM WebSphere Portal - Info Disclosure

Title source: llm
STIX 2.1

Description

IBM WebSphere Portal 6.0 through 6.0.1.7, 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF27, 7.0 through 7.0.0.2 CF25, and 8.0 through 8.0.0.1 CF08 allows remote attackers to read arbitrary files via a modified URL.

References (3)

Core 3
Core References
Various Sources vendor-advisory x_refsource_aixapar
http://www-01.ibm.com/support/docview.wss?uid=swg1PM99205
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21655656
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/88253

Scores

EPSS 0.0180
EPSS Percentile 75.9%

Details

CWE
CWE-200
Status published
Products (26)
ibm/websphere_portal 6.0.0.0
ibm/websphere_portal 6.0.0.1
ibm/websphere_portal 6.0.1.0
ibm/websphere_portal 6.0.1.1
ibm/websphere_portal 6.0.1.2
ibm/websphere_portal 6.0.1.3
ibm/websphere_portal 6.0.1.4
ibm/websphere_portal 6.0.1.5
ibm/websphere_portal 6.0.1.6
ibm/websphere_portal 6.1
... and 16 more
Published Nov 18, 2013
Tracked Since Feb 18, 2026