{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-15T18:26:24.392659600Z","vulnerabilities":[{"cve":{"id":"CVE-2013-4049","sourceIdentifier":"psirt@us.ibm.com","published":"2013-09-16T18:24:48.793","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted file upload vulnerability in IBM SPSS Analytical Decision Management 6.1 before IF1, 6.2 before IF1, and 7.0 before FP1 IF6 allows remote authenticated users to execute arbitrary code by uploading and accessing a JSP file."},{"lang":"es","value":"Vulnerabilidad de subida de archivo sin restricción en  IBM SPSS Analytical Decision Management 6.1 anterior a  IF1, 6.2 anterior a  IF1, y  7.0 anterior a  FP1 IF6, permite a usuarios autenticados remotamente la ejecución de código a discrección mediante la subida y el acceso a un archivo JSP."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:C/A:C","baseScore":8.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":6.8,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:spss_analytical_decision_management:6.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E92A4CE-39AD-436A-9D46-B0AD2B08A11F"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:spss_analytical_decision_management:6.2.0.0:*:*:*:*:*:*:*","matchCriteriaId":"6779E25F-B9D5-42E1-A3DB-73301CF7C6D2"},{"vulnerable":true,"criteria":"cpe:2.3:a:ibm:spss_analytical_decision_management:7.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"88CE7A2F-E16E-4EB9-B314-86E26BDB5EBA"}]}]}],"references":[{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21648929","source":"psirt@us.ibm.com","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/86442","source":"psirt@us.ibm.com"},{"url":"http://www-01.ibm.com/support/docview.wss?uid=swg21648929","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/86442","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorComment":"Per: http://cwe.mitre.org/data/definitions/434.html\n\n'CWE-434: Unrestricted Upload of File with Dangerous Type'"}}]}