Boletines de Vulnerabilidades

IBM Security Bulletin: Security vulnerabilities related to Cross-site scripting identified in Tivoli Integrated Portal (CVE-2014-6151, CVE-2014-6152)

Información sobre el sistema
   
Software afectado IBM

Descripción
Tivoli Integrated Portal (TIP) has been identified as having a Cross-site scripting security vulnerability in some TIP URLs. Further information related to the fix for this vulnerability is published in this security bulletin. CVE(s): CVE-2014-6151 and CVE-2014-6152 Affected product(s) and affected version(s): Tivoli Integrated Portal v2.2 and all fixpacks. Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin:

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_security_vulnerabilities_related_to_cross_site_scripting_identified_in_tivoli_integrated_portal_cve_2014_6151_cve_2014_61521?lang=en_us

Identificadores estándar
Propiedad Valor
CVE CVE-2014-6151 ,CVE-2014-6152 ,CVE-2014-4812 ,CVE-2014-4822 ,CVE-2014-3511 and CVE-2014-5139.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-10-24

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT