Lucene search

[email protected]CVE-2011-1362

HistoryJan 15, 2012 - 3:55 a.m.

CVE-2011-1362

2012-01-1503:55:12

CWE-79

[email protected]

web.nvd.nist.gov

cve-2011-1362

xss

ivt

ibm

websphere

application server

security

vulnerability

5.6 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

65.0%

JSON

Cross-site scripting (XSS) vulnerability in the Installation Verification Test (IVT) application in the Install component in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.41 and 7.0 before 7.0.0.19 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-1308.

Affected configurations

NVD

Node

ibmwebsphere_application_serverMatch6.1

ibmwebsphere_application_serverMatch6.1.0

ibmwebsphere_application_serverMatch6.1.0.0

ibmwebsphere_application_serverMatch6.1.0.1

ibmwebsphere_application_serverMatch6.1.0.2

ibmwebsphere_application_serverMatch6.1.0.3

ibmwebsphere_application_serverMatch6.1.0.5

ibmwebsphere_application_serverMatch6.1.0.7

ibmwebsphere_application_serverMatch6.1.0.9

ibmwebsphere_application_serverMatch6.1.0.11

ibmwebsphere_application_serverMatch6.1.0.12

ibmwebsphere_application_serverMatch6.1.0.15

ibmwebsphere_application_serverMatch6.1.0.17

ibmwebsphere_application_serverMatch6.1.0.19

ibmwebsphere_application_serverMatch6.1.0.21

ibmwebsphere_application_serverMatch6.1.0.23

ibmwebsphere_application_serverMatch6.1.0.25

ibmwebsphere_application_serverMatch6.1.0.27

ibmwebsphere_application_serverMatch6.1.0.29

ibmwebsphere_application_serverMatch6.1.0.31

ibmwebsphere_application_serverMatch6.1.0.33

ibmwebsphere_application_serverMatch6.1.0.35

ibmwebsphere_application_serverMatch6.1.0.37

ibmwebsphere_application_serverMatch6.1.0.39

ibmwebsphere_application_serverMatch6.1.1

ibmwebsphere_application_serverMatch6.1.3

ibmwebsphere_application_serverMatch6.1.5

ibmwebsphere_application_serverMatch6.1.6

ibmwebsphere_application_serverMatch6.1.7

ibmwebsphere_application_serverMatch6.1.13

ibmwebsphere_application_serverMatch6.1.14

Node

ibmwebsphere_application_serverMatch7.0

ibmwebsphere_application_serverMatch7.0.0.1

ibmwebsphere_application_serverMatch7.0.0.2

ibmwebsphere_application_serverMatch7.0.0.3

ibmwebsphere_application_serverMatch7.0.0.4

ibmwebsphere_application_serverMatch7.0.0.5

ibmwebsphere_application_serverMatch7.0.0.6

ibmwebsphere_application_serverMatch7.0.0.7

ibmwebsphere_application_serverMatch7.0.0.8

ibmwebsphere_application_serverMatch7.0.0.9

ibmwebsphere_application_serverMatch7.0.0.11

ibmwebsphere_application_serverMatch7.0.0.13

ibmwebsphere_application_serverMatch7.0.0.15

ibmwebsphere_application_serverMatch7.0.0.17

CPENameOperatorVersion
ibm:websphere_application_serveribm websphere application servereq6.1
ibm:websphere_application_serveribm websphere application servereq6.1.0
ibm:websphere_application_serveribm websphere application servereq6.1.0.0
ibm:websphere_application_serveribm websphere application servereq6.1.0.1
ibm:websphere_application_serveribm websphere application servereq6.1.0.2
ibm:websphere_application_serveribm websphere application servereq6.1.0.3
ibm:websphere_application_serveribm websphere application servereq6.1.0.5
ibm:websphere_application_serveribm websphere application servereq6.1.0.7
ibm:websphere_application_serveribm websphere application servereq6.1.0.9
ibm:websphere_application_serveribm websphere application servereq6.1.0.11

CPE	Name	Operator	Version
ibm:websphere_application_server	ibm websphere application server	eq	6.1
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.0
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.1
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.2
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.3
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.5
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.7
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.9
ibm:websphere_application_server	ibm websphere application server	eq	6.1.0.11