Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0915) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
Cross-site scripting security vulnerability on KPI display name field and various portlet fields in Maximo Asset Mgmt, Tivoli Asset Mgmt for IT, Tivoli Service Request Mgr, Change and Configuration Mgmt Database, and SmartCloud Control Desk. CVE(s): CVE-2014-0915 Affected product(s) and affected version(s): 1. Maximo Asset Management 7.5, 7.1, 6.2 2. Maximo Asset Management Essentials 7.5, 7.1, 6.2 3. Maximo for Government 7.5, 7.1, 6.2 4. Maximo for Nuclear Power 7.5, 7.1, 6.2, 6.3 5. More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_cross_site_scripting_vulnerability_addressed_in_asset_and_service_management_cve_2014_0915?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-0915 ,CVE-2014-0114 ,CVE-2014-0889 ,CVE-2014-0224 and CVE-2014-3050. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-07-31 |