What is the severity of CVE-2012-0195?

CVE-2012-0195 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.

How do I fix CVE-2012-0195?

To fix CVE-2012-0195, you should apply the latest patches and updates provided by IBM for the affected products.

Which IBM products are affected by CVE-2012-0195?

CVE-2012-0195 affects IBM Maximo Asset Management, Tivoli Asset Management for IT, and Tivoli Service Request Manager across several versions.

Can CVE-2012-0195 be exploited remotely?

Yes, CVE-2012-0195 can be exploited remotely, allowing attackers to execute malicious scripts in the context of a user's session.

What are the potential impacts of CVE-2012-0195?

The potential impacts of CVE-2012-0195 include unauthorized access to sensitive information and manipulation of web application functionality.

Vulnerability/
CVE-2012-0195

medium

4.3

CWE

13/3/2012

6/8/2024

CVE-2012-0195: XSS

First published: Tue Mar 13 2012(Updated: )

Cross-site scripting (XSS) vulnerability in the Start Center Layout and Configuration component in IBM Maximo Asset Management and Asset Management Essentials 6.2, 7.1, and 7.5; IBM Tivoli Asset Management for IT 6.2, 7.1, and 7.2; IBM Tivoli Service Request Manager 7.1 and 7.2; IBM Maximo Service Desk 6.2; and IBM Tivoli Change and Configuration Management Database (CCMDB) 6.2, 7.1, and 7.2 allows remote attackers to inject arbitrary web script or HTML via the display name.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Maximo Asset Management	=6.2
IBM Maximo Asset Management	=7.1
IBM Maximo Asset Management	=7.5
IBM Maximo Asset Management Essentials	=6.2
IBM Maximo Asset Management Essentials	=7.1
IBM Maximo Asset Management Essentials	=7.5
IBM Tivoli IT Asset Management for IT	=6.2
IBM Tivoli IT Asset Management for IT	=7.1
IBM Tivoli IT Asset Management for IT	=7.2
IBM Tivoli Service Request Manager	=7.1
IBM Tivoli Service Request Manager	=7.2
IBM Maximo Service Desk	=6.2
IBM Tivoli Change and Configuration Management Database	=6.2
IBM Tivoli Change and Configuration Management Database	=7.1
IBM Tivoli Change and Configuration Management Database	=7.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-0195?
CVE-2012-0195 is classified as a medium severity vulnerability due to its potential for cross-site scripting attacks.
How do I fix CVE-2012-0195?
To fix CVE-2012-0195, you should apply the latest patches and updates provided by IBM for the affected products.
Which IBM products are affected by CVE-2012-0195?
CVE-2012-0195 affects IBM Maximo Asset Management, Tivoli Asset Management for IT, and Tivoli Service Request Manager across several versions.
Can CVE-2012-0195 be exploited remotely?
Yes, CVE-2012-0195 can be exploited remotely, allowing attackers to execute malicious scripts in the context of a user's session.
What are the potential impacts of CVE-2012-0195?
The potential impacts of CVE-2012-0195 include unauthorized access to sensitive information and manipulation of web application functionality.

agent/references
agent/type
collector/mitre-cve
source/MITRE
agent/author
agent/last-modified-date
agent/severity
agent/description
agent/first-publish-date
agent/event
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm maximo asset management
version/ibm maximo asset management/6.2
version/ibm maximo asset management/7.1
version/ibm maximo asset management/7.5
canonical/ibm maximo asset management essentials
version/ibm maximo asset management essentials/6.2
version/ibm maximo asset management essentials/7.1
version/ibm maximo asset management essentials/7.5
canonical/ibm tivoli it asset management for it
version/ibm tivoli it asset management for it/6.2
version/ibm tivoli it asset management for it/7.1
version/ibm tivoli it asset management for it/7.2
canonical/ibm tivoli service request manager
version/ibm tivoli service request manager/7.1
version/ibm tivoli service request manager/7.2
canonical/ibm maximo service desk
version/ibm maximo service desk/6.2
canonical/ibm tivoli change and configuration management database
version/ibm tivoli change and configuration management database/6.2
version/ibm tivoli change and configuration management database/7.1
version/ibm tivoli change and configuration management database/7.2