CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-6350

Cross-site scripting (XSS) vulnerability in the Web component in IBM Cognos TM1 before 9.5.2 FP3 and 10.1 before 10.1 FP1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://www-01.ibm.com/support/docview.wss?uid=swg21621782
https://exchange.xforce.ibmcloud.com/vulnerabilities/80670
http://www-01.ibm.com/support/docview.wss?uid=swg21621782
https://exchange.xforce.ibmcloud.com/vulnerabilities/80670

Products affected by CVE-2012-6350

Ibm » Cognos Tm1 » Version: 10.1.0

cpe:2.3:a:ibm:cognos_tm1:10.1.0
Ibm » Cognos Tm1 » Version: 9.4.1

cpe:2.3:a:ibm:cognos_tm1:9.4.1
Ibm » Cognos Tm1 » Version: 9.4.1.3

cpe:2.3:a:ibm:cognos_tm1:9.4.1.3
Ibm » Cognos Tm1 » Version: 9.5.0

cpe:2.3:a:ibm:cognos_tm1:9.5.0
Ibm » Cognos Tm1 » Version: 9.5.1

cpe:2.3:a:ibm:cognos_tm1:9.5.1
Ibm » Cognos Tm1 » Version: 9.5.2

cpe:2.3:a:ibm:cognos_tm1:9.5.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-6350

Products

Pricing

Contact Us