Lucene search
HistoryDec 08, 2012 - 3:55 p.m.
CVE-2012-3297
ibm tivoli monitoring
xss
cve-2012-3297
security vulnerability
6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
54.9%
Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm:tivoli_monitoring | ibm tivoli monitoring | eq | 6.2.3 |
| ibm:tivoli_monitoring | ibm tivoli monitoring | eq | 6.2.2 |
Related
cvelist
cvelist
CVE-2012-3297
2012-12-08 15:00:00
prion
prion
Cross site scripting
2012-12-08 15:55:00
6 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.002 Low
EPSS
Percentile
54.9%
Related for CVE-2012-3297