Netezza Performance Portal
CVE-2013-6731
MEDIUM
Severity by source
AV:N/AC:L/Au:S/C:N/I:P/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:S/C:N/I:P/A:N
Lifecycle Timeline
1DescriptionCVE.org
IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote authenticated users to change arbitrary passwords via an HTTP POST request.
AnalysisAI
IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote authenticated users to change arbitrary passwords via an HTTP POST request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity.
Technical ContextAI
This vulnerability is classified under CWE-264. IBM Netezza Performance Portal 2.x before 2.0.0.3 allows remote authenticated users to change arbitrary passwords via an HTTP POST request. Affected products include: Ibm Netezza Performance Portal. Version information: before 2.0.0.3.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Netezza Performance Portal
View allHTTPD in IBM Netezza Performance Portal 1.0.2 allows remote authenticated users to list application directories containi
The (1) ssl.conf and (2) httpd.conf files in the Apache HTTP Server component in IBM Netezza Performance Portal 2.0 befo
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today