Authentication Bypass in IBM Platform Symphony Developer Edition
CVE-2013-5400

Currently unrated

Key Information:

Vendor: IBM
Status: Platform Symphony
Vendor: CVE Published:; 14 February 2014

What is CVE-2013-5400?

The IBM Platform Symphony Developer Edition versions 5.2 and 6.1.x up to 6.1.1 contain a serious vulnerability that features hardcoded credentials in an unspecified servlet. This flaw allows an attacker to bypass authentication mechanisms, thereby gaining unauthorized 'local environment' access. Such access could enable malicious actors to exploit the system further, posing significant security risks to the platform.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/87296

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=isg3T1020564

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2014
Vulnerability Reserved
Aug 22, 2013