CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0824

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before IFIX.20140321-1336 and Tivoli IT Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.x before 7.1.1.8 LAFIX.20140319-0839 and 7.1.1.12 before IFIX.20140218-1510 allows remote authenticated users to inject arbitrary web script or HTML via an attachment URL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.0%

CVSS Severity

CVSS v2 Score 3.5

References

Products affected by CVE-2014-0824

Ibm » Change And Configuration Management Database » Version: 7.0

cpe:2.3:a:ibm:change_and_configuration_management_database:7.0
Ibm » Change And Configuration Management Database » Version: 7.1

cpe:2.3:a:ibm:change_and_configuration_management_database:7.1
Ibm » Change And Configuration Management Database » Version: 7.1.1.12

cpe:2.3:a:ibm:change_and_configuration_management_database:7.1.1.12
Ibm » Change And Configuration Management Database » Version: 7.1.1.7

cpe:2.3:a:ibm:change_and_configuration_management_database:7.1.1.7
Ibm » Change And Configuration Management Database » Version: 7.1.1.8

cpe:2.3:a:ibm:change_and_configuration_management_database:7.1.1.8
Ibm » Maximo Asset Management » Version: 7.1

cpe:2.3:a:ibm:maximo_asset_management:7.1
Ibm » Maximo Asset Management » Version: 7.1.1

cpe:2.3:a:ibm:maximo_asset_management:7.1.1
Ibm » Maximo Asset Management » Version: 7.1.1.1

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1
Ibm » Maximo Asset Management » Version: 7.1.1.12

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.12
Ibm » Maximo Asset Management » Version: 7.1.1.2

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2
Ibm » Maximo Asset Management » Version: 7.1.1.5

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5
Ibm » Maximo Asset Management » Version: 7.1.1.6

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6
Ibm » Maximo Asset Management » Version: 7.1.1.7

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7
Ibm » Maximo Asset Management » Version: 7.1.1.8

cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8
Ibm » Maximo Service Desk » Version: 7.1.1.12

cpe:2.3:a:ibm:maximo_service_desk:7.1.1.12
Ibm » Maximo Service Desk » Version: 7.1.1.7

cpe:2.3:a:ibm:maximo_service_desk:7.1.1.7
Ibm » Maximo Service Desk » Version: 7.1.1.8

cpe:2.3:a:ibm:maximo_service_desk:7.1.1.8
Ibm » Tivoli It Asset Management For It » Version: 7.1.1.12

cpe:2.3:a:ibm:tivoli_it_asset_management_for_it:7.1.1.12
Ibm » Tivoli It Asset Management For It » Version: 7.1.1.7

cpe:2.3:a:ibm:tivoli_it_asset_management_for_it:7.1.1.7
Ibm » Tivoli It Asset Management For It » Version: 7.1.1.8

cpe:2.3:a:ibm:tivoli_it_asset_management_for_it:7.1.1.8
Ibm » Tivoli Service Request Manager » Version: 7.0

cpe:2.3:a:ibm:tivoli_service_request_manager:7.0
Ibm » Tivoli Service Request Manager » Version: 7.1.0

cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.0
Ibm » Tivoli Service Request Manager » Version: 7.1.1

cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.1
Ibm » Tivoli Service Request Manager » Version: 7.1.1.12

cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.1.12
Ibm » Tivoli Service Request Manager » Version: 7.1.1.7

cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.1.7
Ibm » Tivoli Service Request Manager » Version: 7.1.1.8

cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.1.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-0824

Products

Pricing

Contact Us