Lucene search

[email protected]NVD:CVE-2011-2020

HistoryMay 20, 2011 - 10:55 p.m.

CVE-2011-2020

2011-05-2022:55:05

CWE-79

[email protected]

web.nvd.nist.gov

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

69.4%

JSON

Cross-site scripting (XSS) vulnerability in TIBCO iProcess Engine before 11.1.3 and iProcess Workspace before 11.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

tibcoiprocess_engineRange≤11.1.2

tibcoiprocess_engineMatch10.3.0

tibcoiprocess_engineMatch10.3.1

tibcoiprocess_engineMatch10.3.2

tibcoiprocess_engineMatch10.3.3

tibcoiprocess_engineMatch10.3.4

tibcoiprocess_engineMatch10.3.5

tibcoiprocess_engineMatch10.4

tibcoiprocess_engineMatch10.4.1

tibcoiprocess_engineMatch10.5

tibcoiprocess_engineMatch10.6

tibcoiprocess_engineMatch10.6.0

tibcoiprocess_engineMatch10.6.1

tibcoiprocess_engineMatch10.6.2

tibcoiprocess_engineMatch11.0

tibcoiprocess_engineMatch11.1.1

Node

tibcoiprocess_workspaceRange≤11.3

tibcoiprocess_workspaceMatch11.0

tibcoiprocess_workspaceMatch11.1

tibcoiprocess_workspaceMatch11.2

VendorProductVersionCPE
tibcoiprocess_engine*cpe:2.3:a:tibco:iprocess_engine:*:*:*:*:*:*:*:*
tibcoiprocess_engine10.3.0cpe:2.3:a:tibco:iprocess_engine:10.3.0:*:*:*:*:*:*:*
tibcoiprocess_engine10.3.1cpe:2.3:a:tibco:iprocess_engine:10.3.1:*:*:*:*:*:*:*
tibcoiprocess_engine10.3.2cpe:2.3:a:tibco:iprocess_engine:10.3.2:*:*:*:*:*:*:*
tibcoiprocess_engine10.3.3cpe:2.3:a:tibco:iprocess_engine:10.3.3:*:*:*:*:*:*:*
tibcoiprocess_engine10.3.4cpe:2.3:a:tibco:iprocess_engine:10.3.4:*:*:*:*:*:*:*
tibcoiprocess_engine10.3.5cpe:2.3:a:tibco:iprocess_engine:10.3.5:*:*:*:*:*:*:*
tibcoiprocess_engine10.4cpe:2.3:a:tibco:iprocess_engine:10.4:*:*:*:*:*:*:*
tibcoiprocess_engine10.4.1cpe:2.3:a:tibco:iprocess_engine:10.4.1:*:*:*:*:*:*:*
tibcoiprocess_engine10.5cpe:2.3:a:tibco:iprocess_engine:10.5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
tibco	iprocess_engine	*	cpe:2.3:a:tibco:iprocess_engine::::::::
tibco	iprocess_engine	10.3.0	cpe:2.3:a:tibco:iprocess_engine:10.3.0:::::::*
tibco	iprocess_engine	10.3.1	cpe:2.3:a:tibco:iprocess_engine:10.3.1:::::::*
tibco	iprocess_engine	10.3.2	cpe:2.3:a:tibco:iprocess_engine:10.3.2:::::::*
tibco	iprocess_engine	10.3.3	cpe:2.3:a:tibco:iprocess_engine:10.3.3:::::::*
tibco	iprocess_engine	10.3.4	cpe:2.3:a:tibco:iprocess_engine:10.3.4:::::::*
tibco	iprocess_engine	10.3.5	cpe:2.3:a:tibco:iprocess_engine:10.3.5:::::::*
tibco	iprocess_engine	10.4	cpe:2.3:a:tibco:iprocess_engine:10.4:::::::*
tibco	iprocess_engine	10.4.1	cpe:2.3:a:tibco:iprocess_engine:10.4.1:::::::*
tibco	iprocess_engine	10.5	cpe:2.3:a:tibco:iprocess_engine:10.5:::::::*

Rows per page:

1-10 of 201

References

osvdb.org/72553

secunia.com/advisories/44639

www.securityfocus.com/bid/47921

www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt

www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp

www.vupen.com/english/advisories/2011/1272

exchange.xforce.ibmcloud.com/vulnerabilities/67537

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.003

Percentile

69.4%

JSON

Related for NVD:CVE-2011-2020

cve1 prion1 cvelist1 tibco1