| Vulnerability Name: | CVE-2012-5939 (CCN-80494) | ||||||||
| Assigned: | 2012-11-21 | ||||||||
| Published: | 2013-03-03 | ||||||||
| Updated: | 2017-08-29 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in Welcome.do in the Data Management Portal Web User Interface in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.x before 7.2.1.4 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | ||||||||
| CVSS v3 Severity: | 2.6 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-79 | ||||||||
| Vulnerability Consequences: | Cross-Site Scripting | ||||||||
| References: | Source: MITRE Type: CNA CVE-2012-5939 Source: CCN Type: SA52128 IBM Tivoli Application Dependency Discovery Manager Web UI Portal Multiple Vulnerabilities Source: AIXAPAR Type: UNKNOWN IV32391 Source: CCN Type: IBM Security Bulletin 1625935 TADDM Web UI security vulnerabilities (CVE-2012-5939,CVE-2012-5942) Source: CONFIRM Type: Patch, Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21625935 Source: CCN Type: BID-57878 IBM Tivoli Application Dependency Discovery Manager Web UI Portal Multiple Security Vulnerabilities Source: XF Type: UNKNOWN taddm-welcome-xss(80494) Source: XF Type: UNKNOWN taddm-welcome-xss(80494) | ||||||||
| Vulnerable Configuration: | Configuration 1: Configuration CCN 1:  Denotes that component is vulnerable | ||||||||
| BACK | |||||||||