What is the severity of CVE-2013-0460?

CVE-2013-0460 is considered a high severity vulnerability due to its potential to allow unauthorized access through cross-site request forgery.

How do I fix CVE-2013-0460?

To fix CVE-2013-0460, upgrade IBM WebSphere Application Server to version 6.1.0.47 or 7.0.0.27 or later.

What types of systems are affected by CVE-2013-0460?

CVE-2013-0460 affects IBM WebSphere Application Server versions 6.1 and 7.0 prior to the specified fixed versions.

What is the nature of the vulnerability in CVE-2013-0460?

CVE-2013-0460 is a Cross-Site Request Forgery (CSRF) vulnerability that enables attackers to hijack authentication.

Can CVE-2013-0460 be exploited remotely?

Yes, CVE-2013-0460 can be exploited remotely, making it significant for organizations using affected versions of WebSphere.

Vulnerability/
CVE-2013-0460

medium

6.8

CWE

79 352

27/1/2013

6/8/2024

CVE-2013-0460: XSS

First published: Sun Jan 27 2013(Updated: )

Cross-site request forgery (CSRF) vulnerability in the portlet subsystem in the administrative console in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47 and 7.0 before 7.0.0.27 allows remote attackers to hijack the authentication of arbitrary users for requests that insert cross-site scripting (XSS) sequences.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.0
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.12
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.13
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.14
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.15
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.17
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.19
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.21
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.23
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.25
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.27
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.29
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.31
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.33
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.35
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.37
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.39
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.41
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.43
IBM WebSphere Application Server Feature Pack for Web Services	=6.1.0.45
IBM WebSphere Application Server Feature Pack for Web Services	=7.0
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.1
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.2
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.3
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.5
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.7
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.9
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.11
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.13
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.15
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.17
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.19
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.21
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.23
IBM WebSphere Application Server Feature Pack for Web Services	=7.0.0.25

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-0460?
CVE-2013-0460 is considered a high severity vulnerability due to its potential to allow unauthorized access through cross-site request forgery.
How do I fix CVE-2013-0460?
To fix CVE-2013-0460, upgrade IBM WebSphere Application Server to version 6.1.0.47 or 7.0.0.27 or later.
What types of systems are affected by CVE-2013-0460?
CVE-2013-0460 affects IBM WebSphere Application Server versions 6.1 and 7.0 prior to the specified fixed versions.
What is the nature of the vulnerability in CVE-2013-0460?
CVE-2013-0460 is a Cross-Site Request Forgery (CSRF) vulnerability that enables attackers to hijack authentication.
Can CVE-2013-0460 be exploited remotely?
Yes, CVE-2013-0460 can be exploited remotely, making it significant for organizations using affected versions of WebSphere.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/references
agent/last-modified-date
agent/first-publish-date
agent/event
agent/description
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm websphere application server feature pack for web services
version/ibm websphere application server feature pack for web services/6.1.0.0
version/ibm websphere application server feature pack for web services/6.1.0.1
version/ibm websphere application server feature pack for web services/6.1.0.2
version/ibm websphere application server feature pack for web services/6.1.0.3
version/ibm websphere application server feature pack for web services/6.1.0.5
version/ibm websphere application server feature pack for web services/6.1.0.7
version/ibm websphere application server feature pack for web services/6.1.0.9
version/ibm websphere application server feature pack for web services/6.1.0.11
version/ibm websphere application server feature pack for web services/6.1.0.12
version/ibm websphere application server feature pack for web services/6.1.0.13
version/ibm websphere application server feature pack for web services/6.1.0.14
version/ibm websphere application server feature pack for web services/6.1.0.15
version/ibm websphere application server feature pack for web services/6.1.0.17
version/ibm websphere application server feature pack for web services/6.1.0.19
version/ibm websphere application server feature pack for web services/6.1.0.21
version/ibm websphere application server feature pack for web services/6.1.0.23
version/ibm websphere application server feature pack for web services/6.1.0.25
version/ibm websphere application server feature pack for web services/6.1.0.27
version/ibm websphere application server feature pack for web services/6.1.0.29
version/ibm websphere application server feature pack for web services/6.1.0.31
version/ibm websphere application server feature pack for web services/6.1.0.33
version/ibm websphere application server feature pack for web services/6.1.0.35
version/ibm websphere application server feature pack for web services/6.1.0.37
version/ibm websphere application server feature pack for web services/6.1.0.39
version/ibm websphere application server feature pack for web services/6.1.0.41
version/ibm websphere application server feature pack for web services/6.1.0.43
version/ibm websphere application server feature pack for web services/6.1.0.45
version/ibm websphere application server feature pack for web services/7.0
version/ibm websphere application server feature pack for web services/7.0.0.1
version/ibm websphere application server feature pack for web services/7.0.0.2
version/ibm websphere application server feature pack for web services/7.0.0.3
version/ibm websphere application server feature pack for web services/7.0.0.5
version/ibm websphere application server feature pack for web services/7.0.0.7
version/ibm websphere application server feature pack for web services/7.0.0.9
version/ibm websphere application server feature pack for web services/7.0.0.11
version/ibm websphere application server feature pack for web services/7.0.0.13
version/ibm websphere application server feature pack for web services/7.0.0.15
version/ibm websphere application server feature pack for web services/7.0.0.17
version/ibm websphere application server feature pack for web services/7.0.0.19
version/ibm websphere application server feature pack for web services/7.0.0.21
version/ibm websphere application server feature pack for web services/7.0.0.23
version/ibm websphere application server feature pack for web services/7.0.0.25