CVE-2014-6100

Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli Directory Server 6.1 before 6.1.0.64-ISS-ITDS-IF0064, 6.2 before 6.2.0.39-ISS-ITDS-FP0039, and 6.3 before 6.3.0.33-ISS-ITDS-IF0033, and IBM Security Directory Server 6.3.1 before 6.3.1.7-ISS-ISDS-IF0007, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:security_directory_server:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_directory_server:6.3.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_directory_server:6.3.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_directory_server:6.3.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_directory_server:6.3.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_directory_server:6.3.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:security_directory_server:6.3.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.13:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.15:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.17:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.18:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.19:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.20:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.21:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.22:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.23:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.24:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.25:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.26:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.27:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.28:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.29:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.30:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.31:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.32:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.33:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.34:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.35:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.36:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.37:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.38:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.39:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.45:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.46:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.47:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.48:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.63:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.12:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.14:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.15:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.19:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.20:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.21:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.22:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.38:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.32:*:*:*:*:*:*:*

History

21 Nov 2024, 02:13

Type Values Removed Values Added
References () http://secunia.com/advisories/61061 - () http://secunia.com/advisories/61061 -
References () http://www-01.ibm.com/support/docview.wss?uid=swg21686581 - Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg21686581 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/96005 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/96005 -

Information

Published : 2014-10-19 01:55

Updated : 2024-11-21 02:13


NVD link : CVE-2014-6100

Mitre link : CVE-2014-6100

CVE.ORG link : CVE-2014-6100


JSON object : View

Products Affected

ibm

  • security_directory_server
  • tivoli_directory_server
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')