CVE-2013-6334 Information

Feb 14, 2021 cve

Description

IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2 Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2 and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite (aka Atlas Policy Suite) do not properly validate sessions which allows remote attackers to bypass intended access restrictions and visit PolicyAtlas/ResponseDraftServlet (aka the Compliance Questionnaire Save Draft servlet) via unspecified vectors.

Reference

http://osvdb.org/show/osvdb/101855 http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_sql_injection_vulnerability_cve_2013_6321_and_access_control_vulnerability_cve_2013_6334 http://www.securityfocus.com/bid/64751

Share on: