VIR Vulnerability Intelligence Relay

CVE-2013-6321

high
Published 2014-01-10 · Modified 2026-04-29
CVSS v3
CVSS v2
7.5
VIR risk
7.5

Description

SQL injection vulnerability in IBM Atlas eDiscovery Process Management 6.0.1.5 and earlier and 6.0.2, Disposal and Governance Management for IT 6.0.1.5 and earlier and 6.0.2, and Global Retention Policy and Schedule Management 6.0.1.5 and earlier and 6.0.2 in IBM Atlas Suite (aka Atlas Policy Suite) allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_atlas_suite_atlas_policy_suite_sql_injection_vulnerability_cve_2013_6321_and_access_control_vulnerability_cve_2013_6334

Application impact
VendorProductVersionsFixed
ibm ibmatlas_ediscovery_process_management{"endIncluding":"6.0.1.5"}
ibm ibmatlas_ediscovery_process_management6.0.2
ibm ibmatlas_suite-
ibm ibmdisposal_and_governance_management_for_it{"endIncluding":"6.0.1.5"}
ibm ibmdisposal_and_governance_management_for_it6.0.2
ibm ibmglobal_retention_policy_and_schedule_management{"endIncluding":"6.0.1.5"}
ibm ibmglobal_retention_policy_and_schedule_management6.0.2

References

CWEs

CWE-89

Verify integrity in audit chain (admin only). AS-IS.