PT-2018-4426 · Ibm · Ibm Rational Engineering Lifecycle Manager
Publicado
2018-01-16
·
Atualizado
2018-02-01
·
CVE-2015-7486
CVSS v2.0
3.5
Baixa
| Vetor | AV:N/AC:M/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Rational Engineering Lifecycle Manager versions 3.0 through 3.0.1.6 iFix7 Interim Fix 1
IBM Rational Engineering Lifecycle Manager versions 4.0 through 4.0.7 iFix10
IBM Rational Engineering Lifecycle Manager versions 5.0 through 5.0.2 iFix15
IBM Rational Engineering Lifecycle Manager versions 6.0 through 6.0.1 iFix4
Description
A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Recommendations
For versions 3.0 through 3.0.1.6 iFix7 Interim Fix 1, update to version 3.0.1.6 iFix7 Interim Fix 1 or later.
For versions 4.0 through 4.0.7 iFix10, update to version 4.0.7 iFix10 or later.
For versions 5.0 through 5.0.2 iFix15, update to version 5.0.2 iFix15 or later.
For versions 6.0 through 6.0.1 iFix4, update to version 6.0.1 iFix4 or later.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Rational Engineering Lifecycle Manager