Lucene search
HistoryOct 01, 2013 - 11:14 a.m.
CVE-2013-3048
cve-2013-3048
cross-site scripting
xss
ibm maximo asset management
security vulnerability
nvd
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.8%
Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Affected configurations
Node
ibmmaximo_asset_managementMatch7.5.0.0
ORibmmaximo_asset_managementMatch7.5.0.1
ORibmmaximo_asset_managementMatch7.5.0.2
Node
ibmmaximo_asset_managementMatch6.2
ORibmmaximo_asset_managementMatch6.2.1
ORibmmaximo_asset_managementMatch6.2.2
ORibmmaximo_asset_managementMatch6.2.3
ORibmmaximo_asset_managementMatch6.2.4
ORibmmaximo_asset_managementMatch6.2.5
ORibmmaximo_asset_managementMatch6.2.6
ORibmmaximo_asset_managementMatch6.2.6.1
ORibmmaximo_asset_managementMatch6.2.7
Node
ibmmaximo_asset_managementMatch7.1
ORibmmaximo_asset_managementMatch7.1.1
ORibmmaximo_asset_managementMatch7.1.1.1
ORibmmaximo_asset_managementMatch7.1.1.2
ORibmmaximo_asset_managementMatch7.1.1.5
ORibmmaximo_asset_managementMatch7.1.1.6
ORibmmaximo_asset_managementMatch7.1.1.7
ORibmmaximo_asset_managementMatch7.1.1.8
ORibmmaximo_asset_managementMatch7.1.1.9
ORibmmaximo_asset_managementMatch7.1.1.10
ORibmmaximo_asset_managementMatch7.1.1.11
Related
cvelist
cvelist
CVE-2013-3048
2013-10-01 10:00:00
nvd
nvd
CVE-2013-3048
2013-10-01 11:14:43
prion
prion
Cross site scripting
2013-10-01 11:14:00
ibm
ibm
3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
47.8%
Related for CVE-2013-3048