CVE-2013-4069
Last modified
CVE-2013-4069 is a vulnerability of currently unknown severity. The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.. EPSS estimates a 1.46% chance of exploitation in the next 30 days.
Description
The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Spss Collaboration And Deployment Services | 4.2.1 |
| Ibm | Spss Collaboration And Deployment Services | 4.2.1.1 |
| Ibm | Spss Collaboration And Deployment Services | 4.2.1.2 |
| Ibm | Spss Collaboration And Deployment Services | 4.2.1.3 |
| Ibm | Spss Collaboration And Deployment Services | 5.0.0 |
| Ibm | Spss Collaboration And Deployment Services | 5.0.0.1 |
| Ibm | Spss Collaboration And Deployment Services | 5.0.0.2 |
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21660191Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21660191Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-4069?
How severe is CVE-2013-4069?
How do I fix CVE-2013-4069?
Are you affected by CVE-2013-4069?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST