Lucene search

[email protected]CVE-2015-0122

HistoryMar 13, 2015 - 1:59 a.m.

CVE-2015-0122

2015-03-1301:59:22

CWE-79

[email protected]

web.nvd.nist.gov

"cve-2015-0122

cross-site scripting

xss

ibm rational team concert

security vulnerability"

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.4%

JSON

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0123.

Affected configurations

NVD

Node

ibmrational_team_concertMatch2.0.0.2

ibmrational_team_concertMatch3.0

ibmrational_team_concertMatch3.0.1

ibmrational_team_concertMatch3.0.1.1

ibmrational_team_concertMatch3.0.1.2

ibmrational_team_concertMatch3.0.1.3

ibmrational_team_concertMatch3.0.1.4

ibmrational_team_concertMatch3.0.1.5

ibmrational_team_concertMatch3.0.1.6

ibmrational_team_concertMatch4.0

ibmrational_team_concertMatch4.0.0.1

ibmrational_team_concertMatch4.0.0.2

ibmrational_team_concertMatch4.0.1

ibmrational_team_concertMatch4.0.2

ibmrational_team_concertMatch4.0.3

ibmrational_team_concertMatch4.0.4

ibmrational_team_concertMatch4.0.5

ibmrational_team_concertMatch4.0.6

ibmrational_team_concertMatch4.0.7

ibmrational_team_concertMatch5.0.0

ibmrational_team_concertMatch5.0.1

CPENameOperatorVersion
ibm:rational_team_concertibm rational team concerteq2.0.0.2
ibm:rational_team_concertibm rational team concerteq3.0
ibm:rational_team_concertibm rational team concerteq3.0.1
ibm:rational_team_concertibm rational team concerteq3.0.1.1
ibm:rational_team_concertibm rational team concerteq3.0.1.2
ibm:rational_team_concertibm rational team concerteq3.0.1.3
ibm:rational_team_concertibm rational team concerteq3.0.1.4
ibm:rational_team_concertibm rational team concerteq3.0.1.5
ibm:rational_team_concertibm rational team concerteq3.0.1.6
ibm:rational_team_concertibm rational team concerteq4.0

CPE	Name	Operator	Version
ibm:rational_team_concert	ibm rational team concert	eq	2.0.0.2
ibm:rational_team_concert	ibm rational team concert	eq	3.0
ibm:rational_team_concert	ibm rational team concert	eq	3.0.1
ibm:rational_team_concert	ibm rational team concert	eq	3.0.1.1
ibm:rational_team_concert	ibm rational team concert	eq	3.0.1.2
ibm:rational_team_concert	ibm rational team concert	eq	3.0.1.3
ibm:rational_team_concert	ibm rational team concert	eq	3.0.1.4
ibm:rational_team_concert	ibm rational team concert	eq	3.0.1.5
ibm:rational_team_concert	ibm rational team concert	eq	3.0.1.6
ibm:rational_team_concert	ibm rational team concert	eq	4.0

Rows per page:

1-10 of 211

References

www-01.ibm.com/support/docview.wss?uid=swg21698253

www.securityfocus.com/bid/73093

www.securitytracker.com/id/1031884

3.5 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.4%

JSON

Related for CVE-2015-0122

cvelist2 ibm1 prion2 nvd2 cve1