Vulnerabilities > CVE-2013-6332 - Arbitrary File Creation vulnerability in IBM Algo One

047910
CVSS 8.5 - HIGH
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
ibm
NVD
Published: 2014-02-06
Updated: 2017-08-29

Summary

Unrestricted file upload vulnerability in IBM Algo One UDS 4.7.0 through 5.0.0 allows remote authenticated users to execute arbitrary code by uploading a .jsp file and then launching it. Per: http://cwe.mitre.org/data/definitions/434.html "CWE-434: Unrestricted Upload of File with Dangerous Type"

Vulnerable Configurations

Part Description Count
Application
Ibm
6

References