Miembros de
Boletines de Vulnerabilidades |
Security Bulletin: IBM Algo One Security Vulnerabilities in MetaData Management Tools (addressed in UDS) and ACSWeb (addressed in Algo Security Access Control Manager/AlgoWebApps) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
Cross Site Scripting, Blind SQL Injection, Unencrypted Login request, Path Traversal vulnerabilities affecting the UDS component of IBM Algo One Core ("UDS"). Security Bypass, Cross Site Scripting vulnerabilities affecting the Algo Security Access Control Manager/AlgoWebApps components of IBM Algo One Core ("Algo Security Access Control Manager/AlgoWebApps"). See Vulnerability Details for CVE IDs. CVE(s): CVE-2013-5468, CVE-2013-6299, CVE-2013-6300, CVE-2013-6301, More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_algo_one_security_vulnerabilities_in_metadata_management_tools_addressed_in_uds_and_acsweb_addressed_in_algo_security_access_control_manager_algowebapps?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2013-6722 ,CVE-2013-5468 ,CVE-2013-6299 ,CVE-2013-6300 ,CVE-2013-6301 ,CVE-2013-6302 ,CVE-2013-6303 ,CVE-2013-6318 ,CVE-2013-6319 ,CVE-2013-6320 ,CVE-2013-6331 and CVE-2013-6333. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-03-04 |