Unrated severityNVD Advisory· Published Dec 22, 2013· Updated Jun 17, 2026
CVE-2013-6735
CVE-2013-6735
Description
IBM WebSphere Portal 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, and 8.0.0.x through 8.0.0.1 CF08 allows remote attackers to obtain sensitive Java Content Repository (JCR) information via a modified Web Content Manager (WCM) URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
27cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*+ 26 more
- cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:6.1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:7.0.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
- (no CPE)range: 6.0.0.x through 6.0.0.1, 6.0.1.x through 6.0.1.7, 6.1.0.x through 6.1.0.6 CF27, 6.1.5.x through 6.1.5.3 CF27, 7.0.0.x through 7.0.0.2 CF26, 8.0.0.x through 8.0.0.1 CF08
Patches
Vulnerability mechanics
References
10- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- packetstormsecurity.com/files/124611/IBM-Web-Content-Manager-XPath-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/64496nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1029539nvdThird Party AdvisoryVDB Entry
- www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_fix_available_for_unauthorized_information_retrieval_security_vulnerability_in_ibm_websphere_portal_cve_2013_6735nvdThird Party AdvisoryVDB Entry
- www-01.ibm.com/support/docview.wssnvdNot Applicable
- osvdb.org/101255nvd
- secunia.com/advisories/56161nvd
- www.securityfocus.com/archive/1/530552/100/0/threadednvd
- exchange.xforce.ibmcloud.com/vulnerabilities/89591nvd
News mentions
0No linked articles in our index yet.