CVE-2013-6305

Published: Jan 21, 2014Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

IBM Platform Symphony 5.2 before build 229037 and 6.1.0.1 before build 229073 uses the same credentials encryption key across different customers' installations, which makes it easier for context-dependent attackers to obtain sensitive information by leveraging knowledge of this key.

Affected (2)

Products: Ibm: Platform Symphony

1 product

Platform Symphony

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Ibm Platform Symphony	Version 5.2
Ibm Platform Symphony	Version 6.1.0.1

Related CWEs

References (6)

http://osvdb.org/102262

Source: psirt@us.ibm.com

http://www-01.ibm.com/support/docview.wss?uid=isg3T1020528

Source: psirt@us.ibm.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/88536

Source: psirt@us.ibm.com

http://osvdb.org/102262

Source: af854a3a-2127-422b-91ae-364da2661108

http://www-01.ibm.com/support/docview.wss?uid=isg3T1020528

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/88536

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.