CVE-2013-0559

Unspecified vulnerability in IBM API Management 2.0 before 2.0.0.1 allows remote attackers to access tenant APIs, and consequently obtain sensitive information or modify data, via unknown vectors.

CVSS v2.0 6.4 MEDIUM

6.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg1LI77499
http://www.ibm.com/support/docview.wss?uid=swg21643847	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/85557
http://www-01.ibm.com/support/docview.wss?uid=swg1LI77499
http://www.ibm.com/support/docview.wss?uid=swg21643847	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/85557

Configurations

Configuration 1 (hide)

cpe:2.3:a:ibm:api_management:2.0.0.0:*:*:*:*:*:*:*

History

21 Nov 2024, 01:47

Type	Values Removed	Values Added
References	~~() http://www-01.ibm.com/support/docview.wss?uid=swg1LI77499 -~~	() http://www-01.ibm.com/support/docview.wss?uid=swg1LI77499 -
References	~~() http://www.ibm.com/support/docview.wss?uid=swg21643847 - Vendor Advisory~~	() http://www.ibm.com/support/docview.wss?uid=swg21643847 - Vendor Advisory
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/85557 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/85557 -

Information

Published : 2013-07-19 14:36

Updated : 2025-04-11 00:51

NVD link : CVE-2013-0559

Mitre link : CVE-2013-0559

CVE.ORG link : CVE-2013-0559

JSON object : View

Products Affected

ibm

api_management

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-0559", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-19T14:36:13.007", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LI77499", "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg21643847", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85557", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1LI77499", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg21643847", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85557", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in IBM API Management 2.0 before 2.0.0.1 allows remote attackers to access tenant APIs, and consequently obtain sensitive information or modify data, via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en IBM API Management v2.0 anterior a v2.0.0.1 permite a atacantes remotos acceder a determinadas APIs, y consecuentemente obtener informaci\u00f3n sensible o modificar los datos, mediante vectores desconocidos."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:api_management:2.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CFE20B95-404C-49E6-9122-1514612DEC9F"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}