Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3297

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2012-3297
Last Modified 13 Mar 2013 11:09:01
Published 08 Dec 2012 10:55:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3297

Summary

Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.

Vulnerable Systems

Application

  • Ibm Tivoli Monitoring 6.2.2

  • Ibm Tivoli Monitoring 6.2.3


References

CONFIRM - https://www.ibm.com/support/docview.wss?uid=swg21618972

XF - tivolimonitoring-hmc-xss(77291)

SECTRACK - 1027850


Last Updated: 27 May 2016 11:01:27