| Vulnerability Name: | CVE-2013-6301 (CCN-88527) | ||||||||
| Assigned: | 2013-10-31 | ||||||||
| Published: | 2014-02-28 | ||||||||
| Updated: | 2017-08-29 | ||||||||
| Summary: | Cross-site scripting (XSS) vulnerability in IBM Algo One, as used in MetaData Management Tools in UDS 4.7.0 through 5.0.0, ACSWeb in Algo Security Access Control Management 4.7.0 through 4.9.0, and ACSWeb in AlgoWebApps 5.0.0, allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2013-6299, CVE-2013-6300, CVE-2013-6320, and CVE-2013-6333. | ||||||||
| CVSS v3 Severity: | 2.6 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 3.5 Low (CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N) 3.0 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N/E:H/RL:OF/RC:C)
| ||||||||
| Vulnerability Type: | CWE-79 | ||||||||
| Vulnerability Consequences: | Cross-Site Scripting | ||||||||
| References: | Source: MITRE Type: CNA CVE-2013-6301 Source: CCN Type: SA57139 IBM Algo One Multiple Vulnerabilities Source: CCN Type: IBM Security Bulletin 1666110 Security Bulletin: IBM Algo One Security Vulnerabilities in MetaData Management Tools (addressed in UDS) and ACSWeb (addressed in Algo Security Access Control Manager/AlgoWebApps) Source: CONFIRM Type: Vendor Advisory http://www-01.ibm.com/support/docview.wss?uid=swg21666110 Source: CCN Type: BID-65948 IBM Algo One CVE-2013-6301 Cross Site Scripting Vulnerability Source: XF Type: UNKNOWN ibm-algo-cve20136301-xss(88527) Source: XF Type: UNKNOWN ibm-algo-one-cve20136301-xss(88527) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||