CVE-2013-5400

Published: Feb 14, 2014Modified: Apr 29, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

An unspecified servlet in IBM Platform Symphony Developer Edition (DE) 5.2 and 6.1.x through 6.1.1 has hardcoded credentials, which allows remote attackers to bypass authentication and obtain "local environment" access via unknown vectors.

Affected (3)

Products: Ibm: Platform Symphony

Ibm

1 product

Platform Symphony

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Ibm Platform Symphony	Version 5.2
Ibm Platform Symphony	Version 6.1.0
Ibm Platform Symphony	Version 6.1.1

Related CWEs

CWE-255

References (4)

http://www-01.ibm.com/support/docview.wss?uid=isg3T1020564

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/87296

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=isg3T1020564

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/87296

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.