Lucene search

IbmCVE-2012-2205

HistoryAug 17, 2012 - 8:55 p.m.

CVE-2012-2205

2012-08-1720:55:04

CWE-79

ibm

web.nvd.nist.gov

cve-2012-2205

cross-site scripting

xss

ibm rational clearquest

nvd

security vulnerability

web script

html

workspace query

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

35.7%

JSON

Cross-site scripting (XSS) vulnerability in IBM Rational ClearQuest 7.1.x before 7.1.2.7 and 8.x before 8.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via a workspace query.

Affected configurations

Nvd

Node

ibmrational_clearquestMatch7.1.1.1

ibmrational_clearquestMatch7.1.1.2

ibmrational_clearquestMatch7.1.1.3

ibmrational_clearquestMatch7.1.1.4

ibmrational_clearquestMatch7.1.1.5

ibmrational_clearquestMatch7.1.1.6

ibmrational_clearquestMatch7.1.1.7

ibmrational_clearquestMatch7.1.1.8

ibmrational_clearquestMatch7.1.2

ibmrational_clearquestMatch7.1.2.1

ibmrational_clearquestMatch7.1.2.2

ibmrational_clearquestMatch7.1.2.3

ibmrational_clearquestMatch7.1.2.4

ibmrational_clearquestMatch7.1.2.5

ibmrational_clearquestMatch7.1.2.6

Node

ibmrational_clearquestMatch8.0.0

ibmrational_clearquestMatch8.0.0.1

ibmrational_clearquestMatch8.0.0.2

VendorProductVersionCPE
ibmrational_clearquest7.1.1.1cpe:2.3:a:ibm:rational_clearquest:7.1.1.1:*:*:*:*:*:*:*
ibmrational_clearquest7.1.1.2cpe:2.3:a:ibm:rational_clearquest:7.1.1.2:*:*:*:*:*:*:*
ibmrational_clearquest7.1.1.3cpe:2.3:a:ibm:rational_clearquest:7.1.1.3:*:*:*:*:*:*:*
ibmrational_clearquest7.1.1.4cpe:2.3:a:ibm:rational_clearquest:7.1.1.4:*:*:*:*:*:*:*
ibmrational_clearquest7.1.1.5cpe:2.3:a:ibm:rational_clearquest:7.1.1.5:*:*:*:*:*:*:*
ibmrational_clearquest7.1.1.6cpe:2.3:a:ibm:rational_clearquest:7.1.1.6:*:*:*:*:*:*:*
ibmrational_clearquest7.1.1.7cpe:2.3:a:ibm:rational_clearquest:7.1.1.7:*:*:*:*:*:*:*
ibmrational_clearquest7.1.1.8cpe:2.3:a:ibm:rational_clearquest:7.1.1.8:*:*:*:*:*:*:*
ibmrational_clearquest7.1.2cpe:2.3:a:ibm:rational_clearquest:7.1.2:*:*:*:*:*:*:*
ibmrational_clearquest7.1.2.1cpe:2.3:a:ibm:rational_clearquest:7.1.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	rational_clearquest	7.1.1.1	cpe:2.3:a:ibm:rational_clearquest:7.1.1.1:::::::*
ibm	rational_clearquest	7.1.1.2	cpe:2.3:a:ibm:rational_clearquest:7.1.1.2:::::::*
ibm	rational_clearquest	7.1.1.3	cpe:2.3:a:ibm:rational_clearquest:7.1.1.3:::::::*
ibm	rational_clearquest	7.1.1.4	cpe:2.3:a:ibm:rational_clearquest:7.1.1.4:::::::*
ibm	rational_clearquest	7.1.1.5	cpe:2.3:a:ibm:rational_clearquest:7.1.1.5:::::::*
ibm	rational_clearquest	7.1.1.6	cpe:2.3:a:ibm:rational_clearquest:7.1.1.6:::::::*
ibm	rational_clearquest	7.1.1.7	cpe:2.3:a:ibm:rational_clearquest:7.1.1.7:::::::*
ibm	rational_clearquest	7.1.1.8	cpe:2.3:a:ibm:rational_clearquest:7.1.1.8:::::::*
ibm	rational_clearquest	7.1.2	cpe:2.3:a:ibm:rational_clearquest:7.1.2:::::::*
ibm	rational_clearquest	7.1.2.1	cpe:2.3:a:ibm:rational_clearquest:7.1.2.1:::::::*

Rows per page:

1-10 of 181

References

www-01.ibm.com/support/docview.wss?uid=swg1PM61670

www.ibm.com/support/docview.wss?uid=swg21605838

exchange.xforce.ibmcloud.com/vulnerabilities/77094

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

35.7%

JSON

Related for CVE-2012-2205