Lucene search
HistoryMay 22, 2014 - 11:14 a.m.
CVE-2014-0952
ibm
websphere
portal
xss
vulnerability
boot_config.jsp
cve-2014-0952
nvd
security
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.1%
Cross-site scripting (XSS) vulnerability in boot_config.jsp in IBM WebSphere Portal 6.1.0 through 6.1.0.6 CF27, 6.1.5 through 6.1.5.3 CF28, 7.0 through 7.0.0.2 CF28, and 8.0 before 8.0.0.1 CF12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
ibmwebsphere_portalMatch6.1.0.0
ORibmwebsphere_portalMatch6.1.0.1
ORibmwebsphere_portalMatch6.1.0.2
ORibmwebsphere_portalMatch6.1.0.3
ORibmwebsphere_portalMatch6.1.0.4
ORibmwebsphere_portalMatch6.1.0.5
ORibmwebsphere_portalMatch6.1.0.6
ORibmwebsphere_portalMatch6.1.0.6cf27
ORibmwebsphere_portalMatch6.1.5.0
ORibmwebsphere_portalMatch6.1.5.1
ORibmwebsphere_portalMatch6.1.5.2
ORibmwebsphere_portalMatch6.1.5.3
ORibmwebsphere_portalMatch6.1.5.3cf27
ORibmwebsphere_portalMatch7.0.0.0
ORibmwebsphere_portalMatch7.0.0.0cf001
ORibmwebsphere_portalMatch7.0.0.1
ORibmwebsphere_portalMatch7.0.0.1cf002
ORibmwebsphere_portalMatch7.0.0.1cf003
ORibmwebsphere_portalMatch7.0.0.1cf004
ORibmwebsphere_portalMatch7.0.0.1cf005
ORibmwebsphere_portalMatch7.0.0.1cf006
ORibmwebsphere_portalMatch7.0.0.1cf007
ORibmwebsphere_portalMatch7.0.0.1cf008
ORibmwebsphere_portalMatch7.0.0.1cf009
ORibmwebsphere_portalMatch7.0.0.1cf010
ORibmwebsphere_portalMatch7.0.0.1cf019
ORibmwebsphere_portalMatch7.0.0.2
ORibmwebsphere_portalMatch7.0.0.2cf011
ORibmwebsphere_portalMatch7.0.0.2cf012
ORibmwebsphere_portalMatch7.0.0.2cf013
ORibmwebsphere_portalMatch7.0.0.2cf014
ORibmwebsphere_portalMatch7.0.0.2cf015
ORibmwebsphere_portalMatch7.0.0.2cf016
ORibmwebsphere_portalMatch7.0.0.2cf017
ORibmwebsphere_portalMatch7.0.0.2cf018
ORibmwebsphere_portalMatch7.0.0.2cf019
ORibmwebsphere_portalMatch7.0.0.2cf020
ORibmwebsphere_portalMatch7.0.0.2cf021
ORibmwebsphere_portalMatch7.0.0.2cf022
ORibmwebsphere_portalMatch7.0.0.2cf23
ORibmwebsphere_portalMatch7.0.0.2cf24
ORibmwebsphere_portalMatch7.0.0.2cf25
ORibmwebsphere_portalMatch7.0.0.2cf26
ORibmwebsphere_portalMatch7.0.0.2cf27
ORibmwebsphere_portalMatch8.0.0.0
ORibmwebsphere_portalMatch8.0.0.0cf01
ORibmwebsphere_portalMatch8.0.0.0cf02
ORibmwebsphere_portalMatch8.0.0.0cf03
ORibmwebsphere_portalMatch8.0.0.0cf04
ORibmwebsphere_portalMatch8.0.0.0cf05
ORibmwebsphere_portalMatch8.0.0.1
ORibmwebsphere_portalMatch8.0.0.1cf04
ORibmwebsphere_portalMatch8.0.0.1cf05
ORibmwebsphere_portalMatch8.0.0.1cf07
ORibmwebsphere_portalMatch8.0.0.1cf08
ORibmwebsphere_portalMatch8.0.0.1cf09
ORibmwebsphere_portalMatch8.0.0.1cf10
ORibmwebsphere_portalMatch8.0.0.1cf11
Related
nessus
nessus
IBM WebSphere Portal 'boot_config.jsp' XSS (PI16041)
2014-05-23 00:00:00
IBM WebSphere Portal 6.1.0.x < 6.1.0.6 CF27 Multiple Vulnerabilities
2014-10-30 00:00:00
IBM WebSphere Portal 6.1.5.x < 6.1.5.3 CF27 Multiple Vulnerabilities
2014-10-30 00:00:00
prion
prion
Cross site scripting
2014-05-22 11:14:00
cvelist
cvelist
CVE-2014-0952
2014-05-22 10:00:00
nvd
nvd
CVE-2014-0952
2014-05-22 11:14:14
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
5.5 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.1%
Related for CVE-2014-0952