Lucene search

IbmCVE-2014-6126

HistoryOct 28, 2014 - 7:55 p.m.

CVE-2014-6126

2014-10-2819:55:03

CWE-79

ibm

web.nvd.nist.gov

cve

2014

6126

xss

vulnerability

ibm

websphere portal

8.5.0

cf03

remote attackers

web script

html

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

56.6%

JSON

Cross-site scripting (XSS) vulnerability in IBM WebSphere Portal 8.5.0 before CF03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected configurations

Nvd

Node

ibmwebsphere_portalMatch8.5.0.0

VendorProductVersionCPE
ibmwebsphere_portal8.5.0.0cpe:2.3:a:ibm:websphere_portal:8.5.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	websphere_portal	8.5.0.0	cpe:2.3:a:ibm:websphere_portal:8.5.0.0:::::::*

References

www-01.ibm.com/support/docview.wss?uid=swg1PI26889

www-01.ibm.com/support/docview.wss?uid=swg21684651

www.securityfocus.com/bid/70756

exchange.xforce.ibmcloud.com/vulnerabilities/96783

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.7

Confidence

High

EPSS

0.002

Percentile

56.6%

JSON

Related for CVE-2014-6126