CVE-2013-4046

{"id": "CVE-2013-4046", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-12-21T14:22:56.707", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660191", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86439", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM95817", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21660191", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86439", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Open redirect vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad de redirecci\u00f3n abierta en IBM SPSS Collaboration and Deployment Services 4.2.1 anteriores a 4.2.1.3 IF3 y 5.0 anteriores a FP3 permite a atacantes remotos redirigir usuarios a sitios web de forma arbitraria y conducir ataques phishing a trav\u00e9s de vectores no especificados."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92B33DCA-ADCC-4521-9B8D-4A407FB9608E"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FAA2C39D-902A-442F-AA6B-62BC8C380436"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D801CF8-F6A0-4E40-8011-AE8D5A2F5C0B"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFB0A724-CAC6-45E1-85D6-592BE4660695"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FA0641C-E2DB-4FDA-BD5F-51C7195D5389"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F050F5EC-1334-45FC-911D-75FB5B9C7244"}, {"criteria": "cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CD574C3-DA32-4CD6-95DB-39F0CE663D6E"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}