Lucene search

MitreCVE-2011-4465

HistoryNov 19, 2011 - 3:58 a.m.

CVE-2011-4465

2011-11-1903:58:55

CWE-79

mitre

web.nvd.nist.gov

ibm

lotus

mobile connect

lmc

6.1.4

xss

vulnerability

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

55.1%

JSON

Cross-site scripting (XSS) vulnerability in IBM Lotus Mobile Connect (LMC) 6.1.4 allows remote attackers to inject arbitrary web script or HTML via vectors related to a hidden redirect URL.

Affected configurations

Nvd

Node

ibmlotus_mobile_connectMatch6.1.4

VendorProductVersionCPE
ibmlotus_mobile_connect6.1.4cpe:2.3:a:ibm:lotus_mobile_connect:6.1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	lotus_mobile_connect	6.1.4	cpe:2.3:a:ibm:lotus_mobile_connect:6.1.4:::::::*

References

www.ibm.com/support/docview.wss?uid=swg1IV07148

www.ibm.com/support/docview.wss?uid=swg27020327

exchange.xforce.ibmcloud.com/vulnerabilities/72337

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

55.1%

JSON

Related for CVE-2011-4465