Release date:
Updated on:
Affected Systems:
IBM Websphere Portal 8.0.0.x
Description:
--------------------------------------------------------------------------------
CVE (CAN) ID: CVE-2013-6316
IBM WebSphere Portal is a framework that includes runtime servers, services, tools, and many other features-you can use these features to integrate an enterprise into a single customizable interface called a Portal.
When rendering the Taxonomy component, IBM WebSphere Portal 8.0 and 8.0.0.1 do not correctly verify the access permission. After successful exploitation, some WCM content attributes can be leaked.
<* Source: IBM (ncsupp@ca.ibm.com)
Link: http://secunia.com/advisories/56165/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
IBM
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.ibm.com/support/fixcentral/
IBM (PM96345, PI04897, PI05684, PM93172 ):
Http://www.ibm.com/support/docview.wss? Uid = swg21660011
Http://www.ibm.com/support/docview.wss? Uid = swg24034497