CVE-2013-6305

Currently unrated

Key Information:

Vendor: IBM
Status: Platform Symphony
Vendor: CVE Published:; 21 January 2014

Summary

IBM Platform Symphony 5.2 before build 229037 and 6.1.0.1 before build 229073 uses the same credentials encryption key across different customers' installations, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging knowledge of this key.

References

http://osvdb.org/102262

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/88536

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=isg3T1020528

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 21, 2014
Vulnerability Reserved
Oct 31, 2013