CVE-2013-6334
Last modified
CVE-2013-6334 is a vulnerability of currently unknown severity. IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite (aka Atlas Policy Suite) do not properly validate sessions, which allows remote attackers to bypass intended access restrictions, and visit PolicyAtlas/ResponseDraftServlet (aka the Compliance Questionnaire Save Draft servlet), via unspecified vectors.. EPSS estimates a 1.36% chance of exploitation in the next 30 days.
Description
IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite (aka Atlas Policy Suite) do not properly validate sessions, which allows remote attackers to bypass intended access restrictions, and visit PolicyAtlas/ResponseDraftServlet (aka the Compliance Questionnaire Save Draft servlet), via unspecified vectors.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Atlas Ediscovery Process Management | <= 6.0.1.5 |
| Ibm | Atlas Ediscovery Process Management | 6.0.2 |
| Ibm | Atlas Suite | All versions |
| Ibm | Disposal And Governance Management For It | <= 6.0.1.5 |
| Ibm | Disposal And Governance Management For It | 6.0.2 |
| Ibm | Global Retention Policy And Schedule Management | <= 6.0.1.5 |
| Ibm | Global Retention Policy And Schedule Management | 6.0.2 |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2013-6334?
How severe is CVE-2013-6334?
How do I fix CVE-2013-6334?
Are you affected by CVE-2013-6334?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST