Lucene search

[email protected]CVE-2009-3521

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2009-3521

2022-10-0316:23:55

CWE-79

[email protected]

web.nvd.nist.gov

cve-2009-3521

cross-site scripting

xss

ibm tivoli

composite application manager

websphere

itcam

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

64.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in the Visualization Engine (VE) in IBM Tivoli Composite Application Manager for WebSphere (ITCAM) 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

NVD

Node

ibmtivoli_composite_application_manager_for_wesbsphereMatch6.1.0

VendorProductVersionCPE
ibmtivoli_composite_application_manager_for_wesbsphere6.1.0cpe:/a:ibm:tivoli_composite_application_manager_for_wesbsphere:6.1.0:::

Vendor	Product	Version	CPE
ibm	tivoli_composite_application_manager_for_wesbsphere	6.1.0	cpe:/a:ibm:tivoli_composite_application_manager_for_wesbsphere:6.1.0:::

References

secunia.com/advisories/36901

www-01.ibm.com/support/docview.wss?rs=71&uid=swg1PK90126

www.securityfocus.com/bid/36551

www.vupen.com/english/advisories/2009/2797

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

64.7%

JSON

Related for CVE-2009-3521

prion1 nvd1 cvelist1