Lucene search

IbmCVE-2015-0122

HistoryMar 13, 2015 - 1:59 a.m.

CVE-2015-0122

2015-03-1301:59:22

CWE-79

ibm

web.nvd.nist.gov

"cve-2015-0122

cross-site scripting

xss

ibm rational team concert

security vulnerability"

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

35.4%

JSON

Cross-site scripting (XSS) vulnerability in IBM Rational Team Concert 2.x and 3.x before 3.0.1.6 iFix 5, 4.x before 4.0.7 iFix3, and 5.x before 5.0.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2015-0123.

Affected configurations

Nvd

Node

ibmrational_team_concertMatch2.0.0.2

ibmrational_team_concertMatch3.0

ibmrational_team_concertMatch3.0.1

ibmrational_team_concertMatch3.0.1.1

ibmrational_team_concertMatch3.0.1.2

ibmrational_team_concertMatch3.0.1.3

ibmrational_team_concertMatch3.0.1.4

ibmrational_team_concertMatch3.0.1.5

ibmrational_team_concertMatch3.0.1.6

ibmrational_team_concertMatch4.0

ibmrational_team_concertMatch4.0.0.1

ibmrational_team_concertMatch4.0.0.2

ibmrational_team_concertMatch4.0.1

ibmrational_team_concertMatch4.0.2

ibmrational_team_concertMatch4.0.3

ibmrational_team_concertMatch4.0.4

ibmrational_team_concertMatch4.0.5

ibmrational_team_concertMatch4.0.6

ibmrational_team_concertMatch4.0.7

ibmrational_team_concertMatch5.0.0

ibmrational_team_concertMatch5.0.1

VendorProductVersionCPE
ibmrational_team_concert2.0.0.2cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:*:*:*:*:*:*:*
ibmrational_team_concert3.0cpe:2.3:a:ibm:rational_team_concert:3.0:*:*:*:*:*:*:*
ibmrational_team_concert3.0.1cpe:2.3:a:ibm:rational_team_concert:3.0.1:*:*:*:*:*:*:*
ibmrational_team_concert3.0.1.1cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:*:*:*:*:*:*:*
ibmrational_team_concert3.0.1.2cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:*:*:*:*:*:*:*
ibmrational_team_concert3.0.1.3cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:*:*:*:*:*:*:*
ibmrational_team_concert3.0.1.4cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:*:*:*:*:*:*:*
ibmrational_team_concert3.0.1.5cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:*:*:*:*:*:*:*
ibmrational_team_concert3.0.1.6cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:*:*:*:*:*:*:*
ibmrational_team_concert4.0cpe:2.3:a:ibm:rational_team_concert:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	rational_team_concert	2.0.0.2	cpe:2.3:a:ibm:rational_team_concert:2.0.0.2:::::::*
ibm	rational_team_concert	3.0	cpe:2.3:a:ibm:rational_team_concert:3.0:::::::*
ibm	rational_team_concert	3.0.1	cpe:2.3:a:ibm:rational_team_concert:3.0.1:::::::*
ibm	rational_team_concert	3.0.1.1	cpe:2.3:a:ibm:rational_team_concert:3.0.1.1:::::::*
ibm	rational_team_concert	3.0.1.2	cpe:2.3:a:ibm:rational_team_concert:3.0.1.2:::::::*
ibm	rational_team_concert	3.0.1.3	cpe:2.3:a:ibm:rational_team_concert:3.0.1.3:::::::*
ibm	rational_team_concert	3.0.1.4	cpe:2.3:a:ibm:rational_team_concert:3.0.1.4:::::::*
ibm	rational_team_concert	3.0.1.5	cpe:2.3:a:ibm:rational_team_concert:3.0.1.5:::::::*
ibm	rational_team_concert	3.0.1.6	cpe:2.3:a:ibm:rational_team_concert:3.0.1.6:::::::*
ibm	rational_team_concert	4.0	cpe:2.3:a:ibm:rational_team_concert:4.0:::::::*

Rows per page:

1-10 of 211

References

www-01.ibm.com/support/docview.wss?uid=swg21698253

www.securityfocus.com/bid/73093

www.securitytracker.com/id/1031884

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

35.4%

JSON

Related for CVE-2015-0122