CVE-2013-4007 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	3.5 UNKNOWN	NETWORK	MEDIUM		AV:N/AC:M/Au:S/C:N/I:P/A:N
ibm	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 38%

Vendor	Product	Version
ibm	advanced_management_module	𝑥 ≤ 2.48
ibm	advanced_management_module	𝑥 ≤ 3.54
ibm	advanced_management_module	1.00
ibm	advanced_management_module	1.01
ibm	advanced_management_module	1.20
ibm	advanced_management_module	1.20:f
ibm	advanced_management_module	1.25
ibm	advanced_management_module	1.25:e
ibm	advanced_management_module	1.25:i
ibm	advanced_management_module	1.26:b
ibm	advanced_management_module	1.26:e
ibm	advanced_management_module	1.26:h
ibm	advanced_management_module	1.26:i
ibm	advanced_management_module	1.26:k
ibm	advanced_management_module	1.28:g
ibm	advanced_management_module	1.32:d
ibm	advanced_management_module	1.34:b
ibm	advanced_management_module	1.34:e
ibm	advanced_management_module	1.36:d
ibm	advanced_management_module	1.36:g
ibm	advanced_management_module	1.36:h
ibm	advanced_management_module	1.36:k
ibm	advanced_management_module	1.42:d
ibm	advanced_management_module	1.42:f
ibm	advanced_management_module	1.42:i
ibm	advanced_management_module	1.42:n
ibm	advanced_management_module	1.42:o
ibm	advanced_management_module	1.42:t
ibm	advanced_management_module	2.46:c
ibm	advanced_management_module	2.46:j
ibm	advanced_management_module	2.48:c
ibm	advanced_management_module	2.48:d
ibm	advanced_management_module	2.48:g
ibm	advanced_management_module	2.48:n
ibm	advanced_management_module	2.50:c
ibm	advanced_management_module	2.50:g
ibm	advanced_management_module	2.50:k
ibm	advanced_management_module	2.50:p
ibm	advanced_management_module	3.54:d

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References

http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093491

https://exchange.xforce.ibmcloud.com/vulnerabilities/85274

http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093491

https://exchange.xforce.ibmcloud.com/vulnerabilities/85274