Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM839F9A1B1F099C12CD5C9A3E67980E17E52615FDBBAB1CCE722DC2F29CB5A6EA
HistoryMar 23, 2020 - 2:05 p.m.

Security Bulletin: IBM Tivoli Netcool Impact is affected by an Arbitrary Script Injection vulnerability (CVE-2019-4681)

2020-03-2314:05:07
www.ibm.com
5

EPSS

0.001

Percentile

29.7%

JSON

Summary

IBM Tivoli Netcool Impact has addressed the following Arbitrary Script Injection vulnerability. Affected version of AngularJS shipped as a component of IBM Tivoli Netcool Impact.

Vulnerability Details

CVEID:CVE-2019-4681
**DESCRIPTION:**IBM Tivoli Netcool Impact is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
CVSS Base score: 6.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/171734 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

Affected Products and Versions

Affected Product(s) Version(s)
IBM Tivoli Netcool Impact 7.1.0 7.1.0.0~7.1.0.17

Remediation/Fixes

| VRMF| APAR| Remediation/First Fix
—|—|—|—
IBM Tivoli Netcool Impact 7.1.0| 7.1.0.18| IJ18823| IBM Tivoli Netcool Impact 7.1.0 FP18

Workarounds and Mitigations

None

Related

prion 1
cvelist 1
cve 1
nvd 1
prion
prion
Cross site scripting
2020-03-24 16:15:00
cvelist
cvelist
CVE-2019-4681
2020-03-24 15:20:22
cve
cve
CVE-2019-4681
2020-03-24 16:15:12
nvd
nvd
CVE-2019-4681
2020-03-24 16:15:12

EPSS

0.001

Percentile

29.7%

JSON
Related for 839F9A1B1F099C12CD5C9A3E67980E17E52615FDBBAB1CCE722DC2F29CB5A6EA
prion1cvelist1cve1nvd1