Lucene search

IbmCVE-2014-0843

HistoryFeb 26, 2014 - 1:29 a.m.

CVE-2014-0843

2014-02-2601:29:36

CWE-79

ibm

web.nvd.nist.gov

cve-2014-0843

cross-site scripting

xss

ibm rational focal point

vulnerability

security

nvd

remote authenticated users

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

33.4%

JSON

Cross-site scripting (XSS) vulnerability in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 allows remote authenticated users to inject arbitrary web script or HTML by uploading a file.

Affected configurations

Nvd

Node

ibmrational_focal_pointMatch6.4

ibmrational_focal_pointMatch6.4.0.1

ibmrational_focal_pointMatch6.4.1.0

ibmrational_focal_pointMatch6.4.1.1

ibmrational_focal_pointMatch6.4.1.2

ibmrational_focal_pointMatch6.4.1.3

ibmrational_focal_pointMatch6.5

ibmrational_focal_pointMatch6.5.0.1

ibmrational_focal_pointMatch6.5.0.2

ibmrational_focal_pointMatch6.5.1

ibmrational_focal_pointMatch6.5.1.1

ibmrational_focal_pointMatch6.5.2

ibmrational_focal_pointMatch6.5.2.1

ibmrational_focal_pointMatch6.5.2.2

ibmrational_focal_pointMatch6.5.2.3

ibmrational_focal_pointMatch6.6

ibmrational_focal_pointMatch6.6.0.1

VendorProductVersionCPE
ibmrational_focal_point6.4cpe:2.3:a:ibm:rational_focal_point:6.4:*:*:*:*:*:*:*
ibmrational_focal_point6.4.0.1cpe:2.3:a:ibm:rational_focal_point:6.4.0.1:*:*:*:*:*:*:*
ibmrational_focal_point6.4.1.0cpe:2.3:a:ibm:rational_focal_point:6.4.1.0:*:*:*:*:*:*:*
ibmrational_focal_point6.4.1.1cpe:2.3:a:ibm:rational_focal_point:6.4.1.1:*:*:*:*:*:*:*
ibmrational_focal_point6.4.1.2cpe:2.3:a:ibm:rational_focal_point:6.4.1.2:*:*:*:*:*:*:*
ibmrational_focal_point6.4.1.3cpe:2.3:a:ibm:rational_focal_point:6.4.1.3:*:*:*:*:*:*:*
ibmrational_focal_point6.5cpe:2.3:a:ibm:rational_focal_point:6.5:*:*:*:*:*:*:*
ibmrational_focal_point6.5.0.1cpe:2.3:a:ibm:rational_focal_point:6.5.0.1:*:*:*:*:*:*:*
ibmrational_focal_point6.5.0.2cpe:2.3:a:ibm:rational_focal_point:6.5.0.2:*:*:*:*:*:*:*
ibmrational_focal_point6.5.1cpe:2.3:a:ibm:rational_focal_point:6.5.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	rational_focal_point	6.4	cpe:2.3:a:ibm:rational_focal_point:6.4:::::::*
ibm	rational_focal_point	6.4.0.1	cpe:2.3:a:ibm:rational_focal_point:6.4.0.1:::::::*
ibm	rational_focal_point	6.4.1.0	cpe:2.3:a:ibm:rational_focal_point:6.4.1.0:::::::*
ibm	rational_focal_point	6.4.1.1	cpe:2.3:a:ibm:rational_focal_point:6.4.1.1:::::::*
ibm	rational_focal_point	6.4.1.2	cpe:2.3:a:ibm:rational_focal_point:6.4.1.2:::::::*
ibm	rational_focal_point	6.4.1.3	cpe:2.3:a:ibm:rational_focal_point:6.4.1.3:::::::*
ibm	rational_focal_point	6.5	cpe:2.3:a:ibm:rational_focal_point:6.5:::::::*
ibm	rational_focal_point	6.5.0.1	cpe:2.3:a:ibm:rational_focal_point:6.5.0.1:::::::*
ibm	rational_focal_point	6.5.0.2	cpe:2.3:a:ibm:rational_focal_point:6.5.0.2:::::::*
ibm	rational_focal_point	6.5.1	cpe:2.3:a:ibm:rational_focal_point:6.5.1:::::::*

Rows per page:

1-10 of 171

References

www-01.ibm.com/support/docview.wss?uid=swg21665005

www.securityfocus.com/bid/65730

exchange.xforce.ibmcloud.com/vulnerabilities/90714

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

33.4%

JSON

Related for CVE-2014-0843