mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
103 lines
3.4 KiB
JSON
103 lines
3.4 KiB
JSON
{
|
|
"id": "CVE-2015-0144",
|
|
"sourceIdentifier": "psirt@us.ibm.com",
|
|
"published": "2015-10-03T22:59:05.237",
|
|
"lastModified": "2015-10-05T20:35:57.483",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Cross-site scripting (XSS) vulnerability in IBM OpenPages GRC Platform 6.2 before IF7, 6.2.1 before 6.2.1.1 IF5, 7.0 before FP4, and 7.1 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8916."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de XSS en IBM OpenPages GRC Platform 6.2 en versiones anteriores a IF7, 6.2.1 en versiones anteriores a 6.2.1.1 IF5, 7.0 en versiones anteriores a FP4, y 7.1 en versiones anteriores a FP1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de una URL manipulada, una vulnerabilidad diferente a CVE-2014-8916."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 3.5
|
|
},
|
|
"baseSeverity": "LOW",
|
|
"exploitabilityScore": 6.8,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-79"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:openpages_grc_platform:6.2.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "54BA37D4-0541-4838-9BBA-CFC30BE0B6F4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:openpages_grc_platform:6.2.1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A0785357-74B9-4D09-A7FF-F39A231DAFB8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:openpages_grc_platform:6.2.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BB077E63-4008-47F9-851C-2260DDD9AFFD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:openpages_grc_platform:7.0.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2F1D9B2D-B882-45A9-AF54-D560FE221C46"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:openpages_grc_platform:7.1.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6A1371BD-17B2-4FA4-B5AA-B5A35F283277"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21963358",
|
|
"source": "psirt@us.ibm.com",
|
|
"tags": [
|
|
"Patch",
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |