CVE-2013-5370

critical

Published 2013-10-01 · Modified 2026-04-29

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Unspecified vulnerability in IBM SPSS Collaboration and Deployment Services 4.2.1 and 5.0 through FP2 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-4042.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21651299

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg1PM95738

Application impact

Vendor	Product	Versions
ibm	spss_collaboration_and_deployment_services	`4.2.1`
ibm	spss_collaboration_and_deployment_services	`5.0.0`
ibm	spss_collaboration_and_deployment_services	`5.0.1`
ibm	spss_collaboration_and_deployment_services	`5.0.2`

References

http://www-01.ibm.com/support/docview.wss?uid=swg1PM95738
http://www-01.ibm.com/support/docview.wss?uid=swg21651299
https://exchange.xforce.ibmcloud.com/vulnerabilities/86658
http://www-01.ibm.com/support/docview.wss?uid=swg1PM95738
http://www-01.ibm.com/support/docview.wss?uid=swg21651299
https://exchange.xforce.ibmcloud.com/vulnerabilities/86658

Verify integrity in audit chain (admin only). AS-IS.