Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-6121

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2014-6121
Last Modified 23 Dec 2014 10:30:11
Published 22 Dec 2014 09:59:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2014-6121

Summary

Cross-site scripting (XSS) vulnerability in IBM Security AppScan Enterprise 8.5 before 8.5 IFix 002, 8.6 before 8.6 IFix 004, 8.7 before 8.7 IFix 004, 8.8 before 8.8 iFix 003, 9.0 before 9.0.0.1 iFix 003, and 9.0.1 before 9.0.1 iFix 001 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Vulnerable Systems

Application

  • Ibm Security Appscan 8.5

  • Ibm Security Appscan 8.6

  • Ibm Security Appscan 8.7

  • Ibm Security Appscan 8.8

  • Ibm Security Appscan 9.0

  • Ibm Security Appscan 9.0.0.1

  • Ibm Security Appscan Source 9.0.1


References

XF - ibm-appscan-cve20146121-xss(96722)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21693035


Last Updated: 27 May 2016 11:07:20