Search criteria
3 vulnerabilities found for websphere_application_server_feature_pack_for_web_services by ibm
FKIE_CVE-2013-4053
Vulnerability from fkie_nvd - Published: 2013-09-20 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1FD8F9CE-4E98-4187-B84A-429FA1C65E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC1D7570-4AB4-44B0-B5ED-D103F0946F63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9E709E36-B5D0-42E5-A305-AF385FD7F347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "49506702-1B31-4421-8DEE-5B789272EC6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B0905C80-A1BA-49CD-90CA-9270ECC3940C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B108457A-50DC-4432-9E30-98ADBEBF2389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4A8FC820-48D5-4850-82F7-8DA4A18EFF51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0661F4A0-A520-4443-B19D-6885920ADFE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A553A6E7-64AA-41F2-9B92-4EC715C617B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9BFBDE57-3895-4841-B23C-06336A7016EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "CF56870A-F9D3-4544-B63A-EFC2E82A1F7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "30B7A7B9-FCD1-4509-93CF-C5B736B04F4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C93D1CE2-1772-44C0-A8CB-73E9AA1AF6B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "90BA0923-4064-49D3-82A2-EEFC4B0F9A9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "6289CCB4-9A13-4BB5-B44E-7CA936DD8421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "833256BB-E2A6-4FE9-BE4F-982578023E43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "9631D69C-AFEC-4CFF-9190-3E5435EDCEC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "CE94EFF2-CA86-4179-8250-350DF0D2BE83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "373412A5-2971-4C92-BAAE-A1B77D2DA723",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "920F69CD-DEDB-4393-BE6E-B837BA6820B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.16:*:*:*:*:*:*:*",
"matchCriteriaId": "7B5FE844-7F1C-4326-94EF-2CC0B4196085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "5662B903-5480-403D-BC3D-2222F88264A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "3F830D7B-17C2-40B5-B4A4-7A99980F63AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "4D82C3F2-9C50-4D1A-B939-77FC53E44EDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "03E6BAB6-D0D8-4698-BCF9-05D5A256FD37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.22:*:*:*:*:*:*:*",
"matchCriteriaId": "4EB7ACE7-6572-4D19-8E7A-BB9FC57AA343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "EF042A51-E34A-482C-8601-9FD09E6C866A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.24:*:*:*:*:*:*:*",
"matchCriteriaId": "075EC2D3-8A48-4103-910C-724A4CAF43DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "3BFE6260-F130-44E1-9A31-985153F51385",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "489E4427-4059-4026-B952-72364AFFC135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "B95D1940-E5AD-4B59-80B4-C3370BB03169",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AF1667C5-D19B-469C-82D5-8406B6D75EDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89551609-69B7-452A-9CB2-04C12D268B41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF27B7D7-4442-47CA-880D-D3B5412AEF9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B595B048-4204-49B4-9497-B8D119C8784D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DC38B5D4-66A3-4671-9099-0F38D283BA94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B357DB53-061F-43D5-9E9F-5D5468A5805B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "29ADADD2-EC21-4C45-A381-BC2091CD9F7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2AD901DE-9258-40DA-A09B-B0CA9DCCF843",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7B9CDD56-921C-4FAF-87E2-14B91EC1A93D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "95255265-6D69-46D3-9FFA-8EDB1734375C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4191D3-64AB-482C-9DEF-DD04C4C942CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5FC6EB31-9707-408B-8BF5-66BD23441A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B73E052-AF4F-4543-AA03-F5B1FA976EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "23171B81-C991-467A-95A4-EDDAC59C37BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2586C584-3258-414B-AB28-1EBA0DBD0B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BCA175EA-EDC6-4228-8E28-E9BBC981E60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "C6A4EC9D-98C2-40B0-BA40-4838FE8D1FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "7AF5BB33-4E78-4123-8093-EBEE2F2B5598",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "E3F4B8EA-9299-42C1-AAFB-831701ED2FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "A45B6F32-5DFF-4833-9F0F-89576724CF97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.14:*:*:*:*:*:*:*",
"matchCriteriaId": "13C8054A-8581-4936-AF94-291AE56EB4DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "13CA9A59-DFE4-4566-8719-E6FA4720F06A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "A89DD1BF-4AB0-480D-9856-B1BEA73A4AAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "49E119EF-B6A5-4B6C-B199-C64F62CA7CB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "C9C8FA3D-9162-4D9B-8250-FAC93ED77A2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "E06DE5D4-D3A5-4783-ACE0-A80808DB09C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "ABBABA44-D18E-4329-9C2B-90828DAD468B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "BDBB08AC-52AD-4D5A-9E76-AFB283D5FE5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "335D5585-9587-4AD7-A18E-4A3706ABBAF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "A80D58C4-3DCA-4A37-9626-6DC957CEBE90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "38ABD537-EA96-4049-AF05-29C8A6C6D96A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "DC3B2A9B-C647-4C9E-9F1E-B7996C558EAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "550773DB-D436-4AB3-834D-D8FAC7345A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F65FE5-113E-43A0-BA47-87D76E709CB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "B0EEE94F-7B2D-43E1-A410-F913D646B25A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "E40505D7-F7FB-407D-88E6-8B0AFF5E3546",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:6.1.0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "7202F301-353F-49F0-867A-C824EA3C4AD8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "350CC22B-518B-477D-ABFC-FCFDDE06365F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "2B5767F1-F1D7-4769-AFDF-5717A981B051",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.15:*:*:*:*:*:*:*",
"matchCriteriaId": "840F3565-BE89-45A0-A6BB-9326F0C85E02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.17:*:*:*:*:*:*:*",
"matchCriteriaId": "81E14E86-F146-41FA-9BD9-F7AF6F39423C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.19:*:*:*:*:*:*:*",
"matchCriteriaId": "9A9517BC-2D2D-42AB-8BC2-4179F0C53D4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A704BD62-49AB-41EE-8CE2-77FA5672A67F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.23:*:*:*:*:*:*:*",
"matchCriteriaId": "03F110D5-87B2-4D9A-ABD8-6083E147F81A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.25:*:*:*:*:*:*:*",
"matchCriteriaId": "261C7E70-DA64-4935-A6BE-7A860C762889",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.27:*:*:*:*:*:*:*",
"matchCriteriaId": "F86660F8-CBAC-4864-91ED-66A8DC4DA936",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.29:*:*:*:*:*:*:*",
"matchCriteriaId": "AFBE15C5-F7C6-4018-95EF-E321C9E4DC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.31:*:*:*:*:*:*:*",
"matchCriteriaId": "08918602-2C31-4BF8-8C6E-B2EBC4BAC251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.33:*:*:*:*:*:*:*",
"matchCriteriaId": "0A2EDE39-F6D5-4327-8405-D4DEC7519545",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.35:*:*:*:*:*:*:*",
"matchCriteriaId": "D01F3432-323F-4C9C-BDB1-2BCB5D22D0E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.37:*:*:*:*:*:*:*",
"matchCriteriaId": "F9B446C7-0F9E-42AE-828E-2D7D308DFE37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.39:*:*:*:*:*:*:*",
"matchCriteriaId": "6A5B82ED-E2DD-47A0-BAE8-7FC3DCFB2AE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.41:*:*:*:*:*:*:*",
"matchCriteriaId": "231A8E29-39B5-4AC0-B405-20EDDA5031D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.43:*:*:*:*:*:*:*",
"matchCriteriaId": "E17EAAEC-01D3-45A7-BA29-6365B3EACCB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.45:*:*:*:*:*:*:*",
"matchCriteriaId": "30FD7CFD-63D7-443C-A27C-FDB7D60BEAB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server_feature_pack_for_web_services:6.1.0.47:*:*:*:*:*:*:*",
"matchCriteriaId": "C74601A2-37A6-48F8-A2E9-5FC5F70761E9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors."
},
{
"lang": "es",
"value": "La implementaci\u00f3n WS-Security en IBM WebSphere Application (WAS) 6.1 (anteriores a 6.1.0.47), 7.0 (anteriores a 7.0.0.31), 8.0 (anteriores a 8.5.5.1) y WAS Feature Pack para Web Services 6.1 (anteriores a 6.1.0.47), cuando un almac\u00e9n de confianza es configurado para Firmas Digitales XML, no verifica certificados X.509 apropiadamente, lo que permite a atacantes remotos obtener acceso con privilegios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-4053",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-09-20T21:55:05.253",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM90949"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91521"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21647522"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86505"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM90949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91521"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21647522"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86505"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2013-4053 (GCVE-0-2013-4053)
Vulnerability from cvelistv5 – Published: 2013-09-20 21:00 – Updated: 2024-08-06 16:30
VLAI?
Summary
The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "PM90949",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM90949"
},
{
"name": "was-cve20134053-priv-escalation(86505)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86505"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21647522"
},
{
"name": "PM91521",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91521"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "PM90949",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM90949"
},
{
"name": "was-cve20134053-priv-escalation(86505)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86505"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21647522"
},
{
"name": "PM91521",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91521"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-4053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "PM90949",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM90949"
},
{
"name": "was-cve20134053-priv-escalation(86505)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86505"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21647522",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21647522"
},
{
"name": "PM91521",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91521"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-4053",
"datePublished": "2013-09-20T21:00:00",
"dateReserved": "2013-06-07T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4053 (GCVE-0-2013-4053)
Vulnerability from nvd – Published: 2013-09-20 21:00 – Updated: 2024-08-06 16:30
VLAI?
Summary
The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.886Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "PM90949",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM90949"
},
{
"name": "was-cve20134053-priv-escalation(86505)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86505"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21647522"
},
{
"name": "PM91521",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91521"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-09-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "PM90949",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM90949"
},
{
"name": "was-cve20134053-priv-escalation(86505)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86505"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21647522"
},
{
"name": "PM91521",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91521"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-4053",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WS-Security implementation in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.31, 8.0 before 8.0.0.8, and 8.5 before 8.5.5.1, and WAS Feature Pack for Web Services 6.1 before 6.1.0.47, when a trust store is configured for XML Digital Signatures, does not properly verify X.509 certificates, which allows remote attackers to obtain privileged access via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "PM90949",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM90949"
},
{
"name": "was-cve20134053-priv-escalation(86505)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86505"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21647522",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21647522"
},
{
"name": "PM91521",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91521"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-4053",
"datePublished": "2013-09-20T21:00:00",
"dateReserved": "2013-06-07T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.886Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}