CVE-2014-6189

{"id": "CVE-2014-6189", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2017-08-22T15:29:00.180", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21697248", "tags": ["Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.securityfocus.com/bid/73940", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@us.ibm.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in IBM Security Network Protection 3100, 4100, 5100, and 7100 devices with firmware 5.2 before 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008 and 5.3 before 5.3.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "Una vulnerabilidad tipo cross-Site Scripting (XSS) en dispositivos IBM Security Network Protection 3100, 4100, 5100, y 7100 con firmware 5.2 en versiones anteriores a la 5.2.0.0-ISS-XGS-All-Models-Hotfix-FP0008 y 5.3 en versiones anteriores a la 5.3.0.5 permite que atacantes remotos inyecten scripts web o HTML arbitrarios mediante vectores sin especificar."}], "lastModified": "2017-08-25T18:35:24.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:security_network_protection_4100_firmware:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BE5B963-3D77-4500-805A-A6B629C71029"}, {"criteria": "cpe:2.3:o:ibm:security_network_protection_4100_firmware:5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "842EF2ED-A5AB-4105-8201-C1695B4BE5DA"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ibm:security_network_protection_4100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1556D55D-AA91-40BD-A5BB-2A1D68F5B2EF"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:security_network_protection_3100_firmware:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AC312A1-66E1-4029-9DCD-E4B855E51A45"}, {"criteria": "cpe:2.3:o:ibm:security_network_protection_3100_firmware:5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C87CCA1-1B82-4FA4-BCA1-C9F721C32706"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ibm:security_network_protection_3100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C3446061-4763-41CE-AC10-25E5D104761B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:security_network_protection_5100_firmware:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD96CEB1-1479-4631-AB2A-562DACF3DA5C"}, {"criteria": "cpe:2.3:o:ibm:security_network_protection_5100_firmware:5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC315025-7A19-4478-994A-925C27C4B7B8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ibm:security_network_protection_5100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "51565DE4-AC2E-4DF6-A8E9-12CF6F98289E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:ibm:security_network_protection_7100_firmware:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "273B73A8-6F24-4FAB-8230-4CC284340D7B"}, {"criteria": "cpe:2.3:o:ibm:security_network_protection_7100_firmware:5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A9B4EBC-788E-44C7-AF8A-31F1EEB5A811"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:ibm:security_network_protection_7100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6A7EB34D-E860-4FFC-8C89-311C9CCA8D96"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@us.ibm.com"}