CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
PrototypeJS is shipped as part of front-end component for IBM Tivoli Business Service Manager. Information about security vulnerabilities affecting PrototypeJS has been published in a security bulletin.
CVEID:CVE-2008-7220
**DESCRIPTION:**An unspecified error in the Prototype JavaScript framework (prototypejs), as used in multiple products, could allow a remote attacker to conduct cross-site ajax requests using unknown attack vectors. Note: This vulnerability affects the AJAX-based manager interface, ajamdemo.html, in certain versions of Asterisk.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/53652 for the current score.
CVSS Vector:
Affected Product(s) | Version(s) |
---|---|
IBM Tivoli Business Service Manager | 6.2.0 - 6.2.0.5 |
Product | VRMF | APAR | Remediation |
---|---|---|---|
IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.5 | 6.2.0.5 IF5 | DT391605 | Upgrade to IBM Tivoli Business Service Manager 6.2.0.5 IF5 |
None
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | tivoli_business_service_manager | 6.2.0 | cpe:2.3:a:ibm:tivoli_business_service_manager:6.2.0:*:*:*:*:*:*:* |