Lucene search

K
nvd[email protected]NVD:CVE-2014-0955
HistoryMay 22, 2014 - 11:14 a.m.

CVE-2014-0955

2014-05-2211:14:14
CWE-79
web.nvd.nist.gov
8
xss
ibm websphere portal
remote authenticated users
arbitrary web script
html
social rendering
connections integration

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.1

Confidence

High

EPSS

0.002

Percentile

55.1%

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.0 before 8.0.0.1 CF12, when Social Rendering in Connections integration is enabled, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd
Node
ibmwebsphere_portalMatch8.0.0.0
OR
ibmwebsphere_portalMatch8.0.0.0cf01
OR
ibmwebsphere_portalMatch8.0.0.0cf02
OR
ibmwebsphere_portalMatch8.0.0.0cf03
OR
ibmwebsphere_portalMatch8.0.0.0cf04
OR
ibmwebsphere_portalMatch8.0.0.0cf05
OR
ibmwebsphere_portalMatch8.0.0.1
OR
ibmwebsphere_portalMatch8.0.0.1cf04
OR
ibmwebsphere_portalMatch8.0.0.1cf05
OR
ibmwebsphere_portalMatch8.0.0.1cf07
OR
ibmwebsphere_portalMatch8.0.0.1cf08
OR
ibmwebsphere_portalMatch8.0.0.1cf09
OR
ibmwebsphere_portalMatch8.0.0.1cf10
OR
ibmwebsphere_portalMatch8.0.0.1cf11
VendorProductVersionCPE
ibmwebsphere_portal8.0.0.0cpe:2.3:a:ibm:websphere_portal:8.0.0.0:*:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.0cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf01:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.0cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf02:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.0cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf03:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.0cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf04:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.0cpe:2.3:a:ibm:websphere_portal:8.0.0.0:cf05:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.1cpe:2.3:a:ibm:websphere_portal:8.0.0.1:*:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.1cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf04:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.1cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf05:*:*:*:*:*:*
ibmwebsphere_portal8.0.0.1cpe:2.3:a:ibm:websphere_portal:8.0.0.1:cf07:*:*:*:*:*:*
Rows per page:
1-10 of 141

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.1

Confidence

High

EPSS

0.002

Percentile

55.1%

Related for NVD:CVE-2014-0955