Boletines de Vulnerabilidades

IBM Security Bulletin: Open Redirect and Cross-Site Scripting Vulnerabilities in help system for InfoSphere MDM Server, InfoSphere Master Information Hub and InfoSphere MDM Custom Domain Hub (CVE-2012

Información sobre el sistema
   
Software afectado IBM

Descripción
Some scripts in the help system used by InfoSphere Master Data Management Server, InfoSphere Master Information Hub, and InfoSphere Master Data Management Custom Domain Hub are vulnerable to open redirect or cross-site scripting attacks. These vulnerabilities exist only for those customers that choose to install the help system (Information Center). The publicly available Information Centers hosted by IBM do not have these vulnerabilities. CVE(s): CVE-2012-2159 and CVE-2012-2161 Affected

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_open_redirect_and_cross_site_scripting_vulnerabilities_in_help_system_for_infosphere_mdm_server_infosphere_master_information_hub_and_infosphere_mdm_custom_domain_hub_cve_201

Identificadores estándar
Propiedad Valor
CVE

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-05-23

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT