Lucene search

[email protected]CVE-2012-1046

HistoryFeb 10, 2012 - 7:55 p.m.

CVE-2012-1046

2012-02-1019:55:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2012-1046

xss

ibm cognos

tm1

9.5.2 fp1

nvd

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

62.0%

JSON

Cross-site scripting (XSS) vulnerability in TM1 Web in IBM Cognos TM1 9.5.2 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0696.

CPENameOperatorVersion
ibm:cognos_tm1ibm cognos tm1eq9.5.2

CPE	Name	Operator	Version
ibm:cognos_tm1	ibm cognos tm1	eq	9.5.2

References

secunia.com/advisories/47889

securitytracker.com/id?1026648

www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1PM49009

www-01.ibm.com/support/docview.wss?uid=swg27023584

www.ibm.com/support/docview.wss?uid=swg1PM49009

www.osvdb.org/78917

www.securityfocus.com/bid/51905

5.7 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.002 Low

EPSS

Percentile

62.0%

JSON

Related for CVE-2012-1046

prion2 cvelist2 cve1