CVE-2014-6137

Name of the Vulnerable Software and Affected Versions IBM Tivoli Endpoint Manager versions prior to 9.1.1229

Description A cross-site scripting (XSS) issue exists in the Relay Diagnostic page, allowing remote attackers to inject arbitrary web script or HTML. This could potentially lead to unauthorized actions on the affected system.

Recommendations For versions prior to 9.1.1229, update to version 9.1.1229 or later to resolve the issue. As a temporary workaround, consider restricting access to the Relay Diagnostic page until the update is applied.