CVE-2013-2959

Published: May 27, 2013Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The Console in IBM InfoSphere Optim Data Growth for Oracle E-Business Suite 6.x, 7.x, and 9.x before 9.1.0.3 does not provide an encrypted session for transmitting login credentials, which allows remote attackers to obtain sensitive information by sniffing the network.

Affected (18)

Products: Ibm: Infosphere Optim Data Growth For Oracle E Business Suite

Ibm

1 product

Infosphere Optim Data Growth For Oracle E Business Suite

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.0
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.1
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.3.1
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.3.2
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.3.3
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.4.0
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.4.1
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.5.0
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 6.5.1
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 7.1.0
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 7.1.1
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 7.1.2
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 7.2.0
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 7.2.1
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 7.2.2
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 7.3.0
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 7.3.1
Ibm Infosphere Optim Data Growth For Oracle E Business Suite	Version 9.1.0

Related CWEs

CWE-255

References (4)

http://www-01.ibm.com/support/docview.wss?uid=swg21637444

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/83668

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=swg21637444

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/83668

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.