Lucene search

[email protected]CVE-2013-0571

HistoryApr 27, 2013 - 3:16 a.m.

CVE-2013-0571

2013-04-2703:16:46

CWE-79

[email protected]

web.nvd.nist.gov

ibm

document connect

xss

vulnerability

dc4asf

nvd

security

5.7 Medium

AI Score

Confidence

High

2.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

46.6%

JSON

Cross-site scripting (XSS) vulnerability in IBM Document Connect for Application Support Facility (aka DC4ASF) before 1.0.0.1218 in Application Support Facility (ASF) 3.4 for z/OS on Windows, Linux, and AIX allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

Affected configurations

NVD

Node

ibmapplication_support_facilityMatch3.4.0-aix

ibmapplication_support_facilityMatch3.4.0-linux_kernel

ibmapplication_support_facilityMatch3.4.0-windows

ibmapplication_support_facilityMatch3.4.0-z\/os

ibmdocument_connect_for_application_support_facilityRange≤1.0.0.1204

CPENameOperatorVersion
ibm:application_support_facilityibm application support facilityeq3.4.0
ibm:document_connect_for_application_support_facilityibm document connect for application support facilityle1.0.0.1204

CPE	Name	Operator	Version
ibm:application_support_facility	ibm application support facility	eq	3.4.0
ibm:document_connect_for_application_support_facility	ibm document connect for application support facility	le	1.0.0.1204

References

www-01.ibm.com/support/docview.wss?uid=swg21635328

exchange.xforce.ibmcloud.com/vulnerabilities/83246

5.7 Medium

AI Score

Confidence

High

2.9 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

46.6%

JSON

Related for CVE-2013-0571

prion1 nvd1 cvelist1