Lucene search

IbmCVE-2014-4820

HistorySep 18, 2014 - 10:55 a.m.

CVE-2014-4820

2014-09-1810:55:11

CWE-79

ibm

web.nvd.nist.gov

cve

2014

4820

xss

vulnerability

ibm

integration bus

manufacturing pack

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

55.1%

JSON

Cross-site scripting (XSS) vulnerability in IBM Integration Bus Manufacturing Pack 1.x before 1.0.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

ibmintegration_bus_manufacturing_packMatch1.0.0.0

VendorProductVersionCPE
ibmintegration_bus_manufacturing_pack1.0.0.0cpe:2.3:a:ibm:integration_bus_manufacturing_pack:1.0.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	integration_bus_manufacturing_pack	1.0.0.0	cpe:2.3:a:ibm:integration_bus_manufacturing_pack:1.0.0.0:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg1IT03567

www-01.ibm.com/support/docview.wss?uid=swg21682696

exchange.xforce.ibmcloud.com/vulnerabilities/95457

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

55.1%

JSON

Related for CVE-2014-4820