CVE-2014-6100

{"id": "CVE-2014-6100", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2014-10-19T01:55:15.717", "references": [{"url": "http://secunia.com/advisories/61061", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686581", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96005", "source": "psirt@us.ibm.com"}, {"url": "http://secunia.com/advisories/61061", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686581", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96005", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli Directory Server 6.1 before 6.1.0.64-ISS-ITDS-IF0064, 6.2 before 6.2.0.39-ISS-ITDS-FP0039, and 6.3 before 6.3.0.33-ISS-ITDS-IF0033, and IBM Security Directory Server 6.3.1 before 6.3.1.7-ISS-ISDS-IF0007, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL."}, {"lang": "es", "value": "Vulnerabilidad de XSS en la interfaz del usuario de administraci\u00f3n en IBM Tivoli Directory Server 6.1 anterior a 6.1.0.64-ISS-ITDS-IF0064, 6.2 anterior a 6.2.0.39-ISS-ITDS-FP0039, y 6.3 anterior a 6.3.0.33-ISS-ITDS-IF0033, e IBM Security Directory Server 6.3.1 anterior a 6.3.1.7-ISS-ISDS-IF0007, permite a usuarios remotos autenticados inyectar secuencias de comandos web a trav\u00e9s de una URL manipulada."}], "lastModified": "2024-11-21T02:13:46.730", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76D71241-E8BE-4E48-8E25-DFCC919FF5E9"}, {"criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47D9A14A-E167-49AF-B675-B7C7933F64D5"}, {"criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E22DDAC-4419-4214-BBB8-4984AA8F9090"}, {"criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC77DA6D-55EC-4B98-9E75-57F9AD0642DA"}, {"criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0837005C-126A-4800-A3B1-74A22F0DC617"}, {"criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07D1C332-CFFA-4FA5-9BEF-673BE30E8378"}, {"criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69DE7246-2030-4F00-A3B5-B9E911441449"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06626F2E-605A-4AA0-839D-B035336453E1"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F468434-0317-435A-B2A6-5923A88A090F"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E79197BC-3BDF-4F38-B63F-1B2A658B645F"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7B1402A-B3C3-4210-928F-6EFCCE2DE1CF"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92D48F0B-C9E2-4381-8463-83FF47136EB8"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36308D0C-D92C-4857-A857-097F383EE76C"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A84CEB80-796F-4928-A2A0-73E604543A70"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "462385FC-F345-42EE-ABF0-E1781CC648A9"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F10F3910-5616-41A2-A3BF-18FA4DD68631"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51C34738-5F9B-43A7-987F-EB805B31119E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AA93B63-9D15-4784-8585-DBC139A382E7"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55D84E30-1F23-4A6A-B622-78DBEEBEFB46"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50C9A7DF-6968-41CC-911A-B746CB43AA82"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EA493E1-F791-4FE5-9F7E-36CAC0D942C2"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7365156-4EA3-476A-A395-FADEDF1BA80A"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "321B15BC-2653-4B64-A5AE-9FCA6A08713C"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A1B527B-E07D-4543-92A6-0EE58CB8FECC"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CDBA9D2-E683-431A-B06C-5CCA55E44EA9"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EF4AFCB-755A-40E9-AB2B-4FDFD10B0388"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86556AFA-F4F5-4C29-B59D-DC5281375E07"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5E16D75E-7678-48AF-AA2D-33C167ACC99E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBB97A26-E8A9-418C-87C9-F4837BF6680A"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFFA6A4C-8EE2-4898-9AEB-CA5EBE4BC5E9"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.23:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3922010D-4867-402C-9EC5-98FDEB281EA0"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.24:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EBC6C026-A23F-4A12-BE0C-3333B9D5A0DE"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "297D92F4-51B0-4DC0-B872-984AD0A6008F"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B93E759-1B76-421D-9684-F6FF77A99E6C"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.27:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "344605B3-15C9-4E36-A22B-7EBC1207A03E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.28:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F15D60CA-8B3C-48D7-A860-1B72BCA14CFA"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD03B74B-E234-4757-8D98-896DEA4CED7F"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.30:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAF9CDD0-3F78-4489-A18D-40A1FAF705F1"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.31:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CBF6D03-9A58-477D-B5D0-030A373A58AA"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7C7636BE-22BB-44C3-B303-9780E2A24487"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.33:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E4E6E83-914D-467F-9EEA-56669B95CCAD"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.34:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38BBCED9-4260-40DC-A9A6-40CDB09BA92E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D297D508-ACC2-41E7-B3F5-5AEDFE3E2453"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DBD3BA3E-E015-4CB7-B686-19F45F8221C1"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "90F615EC-7530-468D-B62E-B07A1FE0431B"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E278A8E-D7B6-450C-92D6-9955B22E18C5"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.39:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB9D85F4-1019-419D-8769-B1636385384C"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.45:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A43ECBF2-8D39-469F-8D45-B2FA44B3A9FC"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18ABDC8A-118C-4A35-A396-1020A9469D82"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.47:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38204AD1-BF0E-4521-9EE6-66214B4A353B"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.48:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "218DD29F-18C9-489D-9273-4705BFCDE0F6"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.63:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61B7FD9C-FEA9-4001-BD48-10B02B38989E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5682108-A76B-443A-A172-7F17F54B5983"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7165C049-258B-425D-B36B-152BBF3F8727"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "653551D3-88A3-4E69-A1B1-64326BEF1F18"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CBAF2E5-4931-41AF-BCDA-D769B06FB05E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98186E56-0F75-4306-9E34-A388EA2FD6C4"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FC2A00D-4A9E-4BB7-81E6-A0D3A8434EA3"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0CB6BE6-C851-4C31-A016-CCD4937277D9"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2260260B-B69E-4B59-A0D1-1F71B92ABDFA"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8BFF1C8-8AEA-43FC-B76C-F4A44A713F9E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E08631DE-72C4-462B-9763-41783EA8963C"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50315494-8C1B-436B-8E24-8B8CA565FB17"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2759F8BC-8400-4AB1-81DD-51BD69BB720E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEEB330D-5FC6-424B-85EF-06A56329FFEC"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3588C1D0-3C8F-4C7A-A7F7-94EE51FA7ECF"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33DE5E95-BA4A-42A2-B376-373331D9934E"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D5D35E5-AFBE-4D90-9E89-9251C45CF0DB"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.15:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B87492D7-D0C6-4E4A-87B3-F44BC3149101"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.19:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "262F93A7-54A6-4D06-B5D1-FF6F7740044B"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.20:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4798A6D-E4F3-4481-B2C2-DCA4BCD97572"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.21:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE5E8D59-79F9-46D1-A1A7-608FA49F7121"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.22:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB8B3BE0-2515-4CB1-B124-5462703CD32B"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3DD471E9-2DD0-4364-ABC2-9CFC0747A477"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5C3DDD9-9013-414E-B5EB-65F576E12778"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D48029C-3455-46A6-A8CA-8013A167979B"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D872267B-B01D-4723-A522-8CDF684CB980"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2234E088-31ED-4BBF-94C5-131E3B0CB994"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CCF803A-86AE-4875-ABD8-2DDB44D88F56"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB3E505A-C749-4465-964F-0699DB9C094A"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3B64779-4C28-4538-8F3C-EE32152AA8AD"}, {"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.32:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CEFC8686-795C-455B-B411-BD56E91683CD"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}