CVE-2013-5459
First published: Mon Apr 21 2014(Updated: )
Unspecified vulnerability in IBM Rational Software Architect (RSA) Design Manager and Rational Rhapsody Design Manager 3.x through 3.0.1 and 4.x before 4.0.6 allows remote authenticated users to modify data by leveraging improper parameter checking.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Rational Rhapsody | =3.0.0 | |
| IBM Rational Rhapsody | =3.0.0.1 | |
| IBM Rational Rhapsody | =3.0.1 | |
| IBM Rational Rhapsody | =4.0.0 | |
| IBM Rational Rhapsody | =4.0.1 | |
| IBM Rational Rhapsody | =4.0.2 | |
| IBM Rational Rhapsody | =4.0.3 | |
| IBM Rational Rhapsody | =4.0.4 | |
| IBM Rational Rhapsody | =4.0.5 | |
| IBM Rational Software Architect | =3.0.0 | |
| IBM Rational Software Architect | =3.0.0.1 | |
| IBM Rational Software Architect | =3.0.1 | |
| IBM Rational Software Architect | =4.0.0 | |
| IBM Rational Software Architect | =4.0.1 | |
| IBM Rational Software Architect | =4.0.2 | |
| IBM Rational Software Architect | =4.0.3 | |
| IBM Rational Software Architect | =4.0.4 | |
| IBM Rational Software Architect | =4.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-5459?
CVE-2013-5459 is classified as a moderate severity vulnerability due to its ability for remote authenticated users to modify data.
How do I fix CVE-2013-5459?
To fix CVE-2013-5459, upgrade your IBM Rational Software Architect or Rational Rhapsody Design Manager to version 4.0.6 or later.
Which versions are affected by CVE-2013-5459?
CVE-2013-5459 affects IBM Rational Software Architect and Rhapsody Design Manager versions 3.x through 3.0.1 and 4.x before 4.0.6.
What types of data can be modified due to CVE-2013-5459?
CVE-2013-5459 allows remote authenticated users to improperly modify data due to insufficient parameter checking.
Are there any workarounds for CVE-2013-5459?
Currently, the recommended approach for CVE-2013-5459 is to apply the available software updates from IBM.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm rational rhapsody
- version/ibm rational rhapsody/3.0.0
- version/ibm rational rhapsody/3.0.0.1
- version/ibm rational rhapsody/3.0.1
- version/ibm rational rhapsody/4.0.0
- version/ibm rational rhapsody/4.0.1
- version/ibm rational rhapsody/4.0.2
- version/ibm rational rhapsody/4.0.3
- version/ibm rational rhapsody/4.0.4
- version/ibm rational rhapsody/4.0.5
- canonical/ibm rational software architect
- version/ibm rational software architect/3.0.0
- version/ibm rational software architect/3.0.0.1
- version/ibm rational software architect/3.0.1
- version/ibm rational software architect/4.0.0
- version/ibm rational software architect/4.0.1
- version/ibm rational software architect/4.0.2
- version/ibm rational software architect/4.0.3
- version/ibm rational software architect/4.0.4
- version/ibm rational software architect/4.0.5