| Vulnerability Name: | CVE-2011-2606 (CCN-68119) | ||||||||
| Assigned: | 2011-06-20 | ||||||||
| Published: | 2011-06-20 | ||||||||
| Updated: | 2017-08-29 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in the Web UI in IBM Rational Team Concert (RTC) 3.0 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Work Item 165511. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-79 | ||||||||
| Vulnerability Consequences: | Gain Access | ||||||||
| References: | Source: MITRE Type: CNA CVE-2011-2606 Source: MITRE Type: CNA CVE-2011-2607 Source: CCN Type: SA44926 IBM Rational Team Concert Cross-Site Scripting Vulnerabilities Source: SECUNIA Type: Vendor Advisory 44926 Source: AIXAPAR Type: UNKNOWN PM40308 Source: OSVDB Type: UNKNOWN 73198 Source: CCN Type: OSVDB ID: 73198 IBM Rational Team Concert Multiple Unspecified XSS Source: BID Type: UNKNOWN 48356 Source: CCN Type: BID-48356 IBM Rational Team Concert Multiple Unspecified Cross Site Scripting Vulnerabilities Source: XF Type: UNKNOWN rational-team-unspec-xss(68119) Source: XF Type: UNKNOWN rational-team-unspec-xss(68119) Source: CCN Type: IBM APAR PM40308 [wi 165511] XSS vulnerability found in parameter. Source: CCN Type: IBM APAR PM40311 [wi 165513] XSS vulnerability found in parameter - process | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||