Unrated severityNVD Advisory· Published Dec 21, 2013· Updated Apr 29, 2026

CVE-2013-4069

Description

The Portal application in IBM SPSS Collaboration and Deployment Services 4.2.1 before 4.2.1.3 IF3 and 5.0 before FP3 allows remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Affected products

IBM/Spss Collaboration And Deployment Services7 versions
cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:4.2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:spss_collaboration_and_deployment_services:5.0.0.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-01.ibm.com/support/docview.wssnvdVendor Advisory
www-01.ibm.com/support/docview.wssnvd
exchange.xforce.ibmcloud.com/vulnerabilities/86621nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000