Summary
This host is running IBM Platform Symphony Developer Edition and is prone to authentication bypass vulnerability.
Impact
Successful exploitation will allow remote attackers to gain access to the local environment.
Impact Level: Application.
Solution
Apply the workaround from below link,
http://www-01.ibm.com/support/docview.wss?uid=isg3T1020564
Insight
The flaw is in a servlet in the application, which authenticates a user with built-in credentials.
Affected
IBM Platform Symphony Developer Edition 5.2 and 6.1.x through 6.1.1
Detection
Send a crafted exploit string via HTTP GET request and check whether it is able to read the string or not.
References
Severity
Classification
-
CVE CVE-2013-5400 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities