ID CVE-2013-2951
Summary IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621.
References
Vulnerable Configurations
  • IBM Websphere Portal 7.0.0.0
    cpe:2.3:a:ibm:websphere_portal:7.0.0.0
  • IBM Websphere Portal 7.0.0.1
    cpe:2.3:a:ibm:websphere_portal:7.0.0.1
  • IBM Websphere Portal 7.0.0.2
    cpe:2.3:a:ibm:websphere_portal:7.0.0.2
  • IBM Websphere Portal 8.0.0.0
    cpe:2.3:a:ibm:websphere_portal:8.0.0.0
  • IBM Websphere Portal 8.0.0.1
    cpe:2.3:a:ibm:websphere_portal:8.0.0.1
CVSS
Base: 2.1
Impact:
Exploitability:
CWE CWE-255
CAPEC
refmap via4
confirm http://www-01.ibm.com/support/docview.wss?uid=swg21642097
xf was-portal-cve20132951-info-disclosure(83621)
Last major update 11-07-2018 - 12:29
Published 11-07-2018 - 12:29
Last modified 06-09-2018 - 11:25
Back to Top