Lucene search

[email protected]CVE-2011-1029

HistoryFeb 14, 2011 - 10:00 p.m.

CVE-2011-1029

2011-02-1422:00:00

CWE-79

[email protected]

web.nvd.nist.gov

ibm

rational team concert

rtc

xss vulnerability

cross-site scripting

cve-2011-1029

nvd

5.6 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

47.0%

JSON

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert (RTC) 2.0.0.x allows remote authenticated users to inject arbitrary web script or HTML via the name of a shared report.

CPENameOperatorVersion
ibm:rational_team_concertibm rational team concerteq2.0.0.2
ibm:rational_team_concertibm rational team concerteq2.0.0.1

CPE	Name	Operator	Version
ibm:rational_team_concert	ibm rational team concert	eq	2.0.0.2
ibm:rational_team_concert	ibm rational team concert	eq	2.0.0.1

References

secunia.com/advisories/43223

www.ibm.com/support/docview.wss?uid=swg1PM22477

www.securityfocus.com/bid/46179

www.vupen.com/english/advisories/2011/0297

exchange.xforce.ibmcloud.com/vulnerabilities/65170

5.6 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

47.0%

JSON

Related for CVE-2011-1029

prion1 cvelist1