Lucene search

[email protected]CVE-2014-6188

HistoryDec 24, 2014 - 11:59 a.m.

CVE-2014-6188

2014-12-2411:59:10

CWE-79

[email protected]

web.nvd.nist.gov

ibm

wsrr

xss

vulnerabilities

web script

html

nvd

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository (WSRR) 6.3.x before 6.3.0.5, 7.0.x through 7.0.0.5, 7.5.x before 7.5.0.3, and 8.0.x before 8.0.0.2 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

ibmwebsphere_service_registry_and_repositoryMatch6.3.0

ibmwebsphere_service_registry_and_repositoryMatch6.3.0.1

ibmwebsphere_service_registry_and_repositoryMatch6.3.0.2

ibmwebsphere_service_registry_and_repositoryMatch6.3.0.3

ibmwebsphere_service_registry_and_repositoryMatch6.3.0.4

ibmwebsphere_service_registry_and_repositoryMatch7.0.0

ibmwebsphere_service_registry_and_repositoryMatch7.0.0.1

ibmwebsphere_service_registry_and_repositoryMatch7.0.0.2

ibmwebsphere_service_registry_and_repositoryMatch7.0.0.3

ibmwebsphere_service_registry_and_repositoryMatch7.0.0.4

ibmwebsphere_service_registry_and_repositoryMatch7.0.0.5

ibmwebsphere_service_registry_and_repositoryMatch7.5.0.0

ibmwebsphere_service_registry_and_repositoryMatch7.5.0.1

ibmwebsphere_service_registry_and_repositoryMatch7.5.0.2

ibmwebsphere_service_registry_and_repositoryMatch8.0

ibmwebsphere_service_registry_and_repositoryMatch8.0.0.1

CPENameOperatorVersion
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq6.3.0
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq6.3.0.1
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq6.3.0.2
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq6.3.0.3
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq6.3.0.4
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq7.0.0
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq7.0.0.1
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq7.0.0.2
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq7.0.0.3
ibm:websphere_service_registry_and_repositoryibm websphere service registry and repositoryeq7.0.0.4

CPE	Name	Operator	Version
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	6.3.0
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	6.3.0.1
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	6.3.0.2
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	6.3.0.3
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	6.3.0.4
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	7.0.0
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	7.0.0.1
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	7.0.0.2
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	7.0.0.3
ibm:websphere_service_registry_and_repository	ibm websphere service registry and repository	eq	7.0.0.4

Rows per page:

1-10 of 161

References

www-01.ibm.com/support/docview.wss?uid=swg1IV26727

www.ibm.com/support/docview.wss?uid=swg21693379

www.ibm.com/support/docview.wss?uid=swg21693381

www.ibm.com/support/docview.wss?uid=swg21693384

www.ibm.com/support/docview.wss?uid=swg21693387

exchange.xforce.ibmcloud.com/vulnerabilities/98553

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.7%

JSON

Related for CVE-2014-6188

cvelist1 nvd1 prion1 nessus4 ibm2