CVE-2010-0714

{"id": "CVE-2010-0714", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2010-02-26T19:30:00.743", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233", "source": "cve@mitre.org"}, {"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/38412", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1023660", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508", "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21421469", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1PM03233", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.hacktics.com/content/advisories/AdvIBM20100224.html", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/509744/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/38412", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1023660", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56508", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), and IBM Lotus Workplace Web Content Management 5.1.0.0 through 5.1.0.5, 6.0.0.0 through 6.0.0.4, 6.0.1.0 through 6.0.1.7, 6.1.0.0 through 6.1.0.3, and 6.1.5.0; and IBM Lotus Quickr services 8.0, 8.0.0.2, 8.1, 8.1.1, and 8.1.1.1 for WebSphere Portal; allows remote attackers to inject arbitrary web script or HTML via the query string."}, {"lang": "es", "value": "Vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en IBM WebSphere Portal, IBM Lotus Web Content Management (WCM), y IBM Lotus Workplace Web Content Management v5.1.0.0 hasta v5.1.0.5, v6.0.0.0 hasta v6.0.0.4, v6.0.1.0 hasta v6.0.1.7, v6.1.0.0 hasta v6.1.0.3, y v6.1.5.0; y IBM Lotus Quickr services v8.0, v8.0.0.2, v8.1, v8.1.1, y v8.1.1.1 para WebSphere Portal; permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del cadena \"query\"."}], "lastModified": "2024-11-21T01:12:48.503", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B4DF048-224A-43DB-A796-44EAF9CD8838"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA05BB8A-C367-4A09-87A4-C9D9C46AE52B"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23785ACE-3F00-430E-B9ED-940A70A3201C"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F885AD0-1134-483C-9A69-98AC0D60E79B"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AF22D6E-7B21-4657-89ED-A7EF20BFF81F"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:5.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13570CD6-7D5F-4665-A982-9E83FA25C68C"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C753E1B-D81B-4995-877E-58EDD6F49DDB"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D54D4DB-FA55-47AE-9E19-FB8368FD40C8"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FEB7016-D077-402A-99C7-E6F6290F1D0C"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C064D03F-D49C-4A2F-A23D-3ADC18EC277A"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FDA430B-8996-43D4-BDBD-07A5C9EDB339"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "092F8012-A1EE-46CE-B2B2-0604BF4ACBBA"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FC6A48A-E669-4AA0-AD83-85778A7B6C67"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F8C5AD9-2086-4131-A03C-02A89D822080"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82FC2F98-1E99-4B50-88D5-7A2904F4585C"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B7F74AC-2B5E-4B6C-9551-576A4F312BBB"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC51FA38-1C63-47F5-A4CF-1128396B62C9"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBCCA8DE-50EF-4154-AF48-A8E1AA2659B3"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.0.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF550E47-49FB-4EBC-83E7-4CFCB7279FEC"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E618064A-3D05-4DC6-9A47-0EDF2427642F"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DE74154-3E79-4D56-96C4-D8E644F1419D"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA915826-5D89-43E9-83E7-88973648302A"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5DB29F4-59AB-439C-91C4-CDF677676C26"}, {"criteria": "cpe:2.3:a:ibm:websphere_portal:6.1.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F1964FC-672F-4139-938F-A8EF9D86D9C2"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9516473F-0533-4326-B880-6B6FD591473D"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "773AC6CD-7DDE-4676-8647-26C3B83354DC"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A502A57D-97DE-424E-B005-B086C1149959"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8505A74-332E-4980-ABA2-BEE7E3D7B654"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F49CBF7A-9C04-4960-B7B8-6F5C51785C56"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:5.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F535D576-9AC7-4047-8AC3-9F1B5A961DB1"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA0D9DBB-AA57-4816-8EC6-F7479B5481E2"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87844DD4-AF06-4A91-973A-F885AD8CA569"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EC572C9B-BEBE-4619-9B34-73FD8C20F4B7"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66BC65C9-BF3E-41C0-ABD7-5587999FDA4D"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD2F018F-3356-45B1-AF0B-8E17023A04E4"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC532381-C1D3-4FE3-9E32-614B91482255"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8153B9AE-9969-4D49-8B07-9817E0C37194"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "709CE95C-FCC3-4A8B-9A47-8114BDFEAD7A"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F55351DA-AEAC-40FC-B0B0-9CC1D456F651"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1E67047-A652-4828-BCE9-AB6C369B459F"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B9A2F08-F9E6-4DC4-AFFD-77B6787FA81F"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9A727B34-8433-4571-AE1B-4F43320F57A0"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.0.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC18431F-8C85-4C3A-85B9-ADA860F6C0D2"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "108210EB-FFEF-4D69-A78D-85DA08913766"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D993AD7F-81FC-4C82-9303-699B44ECC92E"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07EE7410-8A88-468A-B773-89D8A93859E6"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF9A7C87-0DCE-4309-B344-AC106B6ECBD9"}, {"criteria": "cpe:2.3:a:ibm:lotus_web_content_management:6.1.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6141F9D-42F4-47D2-B340-356F174AA4AE"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E8D8302-74CD-436A-92BD-C08F1254A2C1"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "673674BD-D171-47AF-8169-FBF6346993E0"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "959CF397-FAC9-488D-96E5-9839EDA77494"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA0A5D8C-6C5C-4666-BDC0-8451D1C9FCB3"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF4257D6-58F8-4209-BF67-9124D1BA0B6E"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:5.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46AF30E4-3301-401B-94E5-D7FA9E62B82F"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E986062-BBA8-4AA0-AD41-E101FEFD49EF"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "250DFAAA-67A9-4E64-B1AE-0966EAC05468"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA75DD49-E267-4306-84D8-4C3A548841A0"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53E20727-E021-442A-B7CB-AB1DFEA21374"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5434B4A9-1433-469B-8352-D0FDDD033E2B"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EA803C8-EDAC-467E-B8CE-A60612AE86F1"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "812047C9-6477-455E-8739-4407336102F7"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "10A39AB5-4BDB-4027-9F50-91BBFDAE8E0C"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20E03B68-715F-428D-84FD-F800D02DDB3A"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CE191CE-C2F4-45F7-8CF3-565832E01AB9"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "49CC6237-2E8C-415A-9C09-C8FD3F4C1E57"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22D7C604-2F9B-4AA0-BEE0-379D2C65321F"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.0.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAA1888C-A7F9-4019-8798-524EE7EB8A7B"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33D2422E-141A-414E-B283-E7BF570FFA80"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18C5D9B6-F013-46B7-AE06-609A0B11A8C5"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30E0AA87-E48E-46C3-B8DD-3C3A90322AD0"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6CA17FC6-DAE6-4FAC-B3CD-1269689314CF"}, {"criteria": "cpe:2.3:a:ibm:lotus_workplace_web_content_management:6.1.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E3CBEF3F-EB64-42D1-B23A-D3A20F900971"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "980401D7-AAF3-4AE4-9006-83D99170F5DB"}, {"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3CA670F-E987-44ED-8A2A-62CCA5D037F1"}, {"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83B3B388-0438-4806-9F21-2170428739DF"}, {"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D3C43CE-8917-4109-A185-93699004638F"}, {"criteria": "cpe:2.3:a:ibm:lotus_quickr:8.1.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "344E13DD-DAFC-4394-8371-B032D117D6AE"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}