{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "The Data Growth Solution for JD Edwards EnterpriseOne in IBM InfoSphere Optim 3.0 through 9.1 has hardcoded database credentials, which allows remote authenticated users to obtain sensitive information by reading an unspecified field in an XML document."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "ibm-optim-cve20135433-info-disc(87639)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87639"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680575"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2013-5433", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Data Growth Solution for JD Edwards EnterpriseOne in IBM InfoSphere Optim 3.0 through 9.1 has hardcoded database credentials, which allows remote authenticated users to obtain sensitive information by reading an unspecified field in an XML document."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ibm-optim-cve20135433-info-disc(87639)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87639"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680575", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680575"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T17:15:20.323Z"}, "title": "CVE Program Container", "references": [{"name": "ibm-optim-cve20135433-info-disc(87639)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87639"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680575"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2013-5433", "datePublished": "2014-08-12T00:00:00", "dateReserved": "2013-08-22T00:00:00", "dateUpdated": "2024-08-06T17:15:20.323Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:infosphere_optim_data_growth_solution_for_siebel_crm:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "FFBB2FA6-F2C5-43F4-8B0F-9F0A055BA807", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:infosphere_optim_data_growth_solution_for_siebel_crm:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "B9677576-A5F4-45BE-BF58-13AEB60F941B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:infosphere_optim_data_growth_solution_for_siebel_crm:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "CD4F27CC-9AFB-440A-9AD8-D82D78ECCC43", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:infosphere_optim_data_growth_solution_for_siebel_crm:3.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "8BF829BC-3E2E-405F-838D-51EFD241A189", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:infosphere_optim_data_growth_solution_for_siebel_crm:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "4529CE9F-1B36-4EC3-A8E4-94663ED2F4F5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The Data Growth Solution for JD Edwards EnterpriseOne in IBM InfoSphere Optim 3.0 through 9.1 has hardcoded database credentials, which allows remote authenticated users to obtain sensitive information by reading an unspecified field in an XML document."}, {"lang": "es", "value": "Data Growth Solution para JD Edwards EnterpriseOne en IBM InfoSphere Optim 3.0 hasta 9.1 tiene las credenciales de la base de datos embebidas, lo que permite a usuarios remotos autenticados obtener informaci\u00f3n sensible mediante la lectura de un campo no especificado en un documento XML."}], "id": "CVE-2013-5433", "lastModified": "2024-11-21T01:57:28.333", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-08-12T00:55:03.297", "references": [{"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680575"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87639"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680575"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87639"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-255"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}