Cross-site Scripting Vulnerability in IBM Tivoli Application Dependency Discovery Manager
CVE-2014-6150

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Application Dependency Discovery Manager
Vendor: CVE Published:; 31 October 2014

Summary

A Cross-site Scripting (XSS) vulnerability exists in IBM Tivoli Application Dependency Discovery Manager versions 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2. This vulnerability enables remote authenticated users to execute arbitrary web scripts or HTML through specially crafted URLs, posing significant risks to the security of the affected systems and their data. Exploitation of this vulnerability could lead to unauthorized actions taken on behalf of users, making it crucial for organizations to implement appropriate security measures.

References

http://secunia.com/advisories/61785

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg21688424

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/96920

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Oct 31, 2014
Vulnerability Reserved
Sep 2, 2014