CVE-2015-7439

Cross-site scripting (XSS) vulnerability in InfoSphere Data Architect (IDA), as distributed in IBM Rational Software Architect 8.5 through 9.5, Rational Software Architect for WebSphere Software (RSA4WS) 8.5 through 9.5, and Rational Software Architect RealTime (RSART) 8.5 through 9.5, allows remote attackers to inject arbitrary web script or HTML via a crafted URL.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
ibmrational_software_architect_realtime
8.5.0
ibmrational_software_architect_realtime
8.5.1
ibmrational_software_architect_realtime
8.5.1.0
ibmrational_software_architect_realtime
8.5.5
ibmrational_software_architect_realtime
8.5.5.1
ibmrational_software_architect_realtime
8.5.5.2
ibmrational_software_architect_realtime
8.5.5.3
ibmrational_software_architect_realtime
8.5.5.4
ibmrational_software_architect_realtime
9.0.0
ibmrational_software_architect_realtime
9.0.0.1
ibmrational_software_architect_realtime
9.1.0
ibmrational_software_architect_realtime
9.1.1
ibmrational_software_architect_realtime
9.1.2
ibmrational_software_architect_realtime
9.1.2.1
ibmrational_software_architect_realtime
9.5.0
ibmrational_software_architect_for_websphere_software
8.5.0
ibmrational_software_architect_for_websphere_software
8.5.1
ibmrational_software_architect_for_websphere_software
8.5.1.0
ibmrational_software_architect_for_websphere_software
8.5.5
ibmrational_software_architect_for_websphere_software
8.5.5.2
ibmrational_software_architect_for_websphere_software
8.5.5.3
ibmrational_software_architect_for_websphere_software
8.5.5.4
ibmrational_software_architect_for_websphere_software
9.0.0
ibmrational_software_architect_for_websphere_software
9.0.0.1
ibmrational_software_architect_for_websphere_software
9.1.0
ibmrational_software_architect_for_websphere_software
9.1.1
ibmrational_software_architect_for_websphere_software
9.1.2
ibmrational_software_architect_for_websphere_software
9.1.2.1
ibmrational_software_architect_for_websphere_software
9.5.0
ibmrational_software_architect_for_websphere_software\'
8.5.5.1
ibmrational_software_architect
8.5.0
ibmrational_software_architect
8.5.1
ibmrational_software_architect
8.5.1.0
ibmrational_software_architect
8.5.5
ibmrational_software_architect
8.5.5.1
ibmrational_software_architect
8.5.5.2
ibmrational_software_architect
8.5.5.3
ibmrational_software_architect
8.5.5.4
ibmrational_software_architect
9.0.0
ibmrational_software_architect
9.0.0.1
ibmrational_software_architect
9.1.0
ibmrational_software_architect
9.1.1
ibmrational_software_architect
9.1.2
ibmrational_software_architect
9.1.2.1
ibmrational_software_architect
9.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21972909
http://www-01.ibm.com/support/docview.wss?uid=swg21972909