What is the severity of CVE-2013-3048?

The CVE-2013-3048 vulnerability is considered to have a medium severity due to its potential for cross-site scripting attacks.

How do I fix CVE-2013-3048?

To fix CVE-2013-3048, update IBM Maximo Asset Management to version 7.5.0.3 or later, or apply available patches provided by IBM.

Who is affected by CVE-2013-3048?

CVE-2013-3048 affects IBM Maximo Asset Management versions 6.2 through 6.2.8 and 7.1 through 7.1.1.12, along with any versions before 7.5.0.3.

What types of attacks can CVE-2013-3048 enable?

CVE-2013-3048 can enable remote authenticated users to inject arbitrary web scripts or HTML, leading to cross-site scripting (XSS) attacks.

Is CVE-2013-3048 easy to exploit?

Exploitation of CVE-2013-3048 is relatively easy for authenticated users, as it requires no special access beyond user authentication.

Vulnerability/
CVE-2013-3048

low

3.5

CWE

1/10/2013

29/8/2017

CVE-2013-3048: XSS

First published: Tue Oct 01 2013(Updated: )

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 6.2 through 6.2.8, 7.1 through 7.1.1.12, and 7.5 before 7.5.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Maximo Asset Management	=7.5.0.0
IBM Maximo Asset Management	=7.5.0.1
IBM Maximo Asset Management	=7.5.0.2
IBM Maximo Asset Management	=6.2
IBM Maximo Asset Management	=6.2.1
IBM Maximo Asset Management	=6.2.2
IBM Maximo Asset Management	=6.2.3
IBM Maximo Asset Management	=6.2.4
IBM Maximo Asset Management	=6.2.5
IBM Maximo Asset Management	=6.2.6
IBM Maximo Asset Management	=6.2.6.1
IBM Maximo Asset Management	=6.2.7
IBM Maximo Asset Management	=7.1
IBM Maximo Asset Management	=7.1.1
IBM Maximo Asset Management	=7.1.1.1
IBM Maximo Asset Management	=7.1.1.2
IBM Maximo Asset Management	=7.1.1.5
IBM Maximo Asset Management	=7.1.1.6
IBM Maximo Asset Management	=7.1.1.7
IBM Maximo Asset Management	=7.1.1.8
IBM Maximo Asset Management	=7.1.1.9
IBM Maximo Asset Management	=7.1.1.10
IBM Maximo Asset Management	=7.1.1.11

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-3048?
The CVE-2013-3048 vulnerability is considered to have a medium severity due to its potential for cross-site scripting attacks.
How do I fix CVE-2013-3048?
To fix CVE-2013-3048, update IBM Maximo Asset Management to version 7.5.0.3 or later, or apply available patches provided by IBM.
Who is affected by CVE-2013-3048?
CVE-2013-3048 affects IBM Maximo Asset Management versions 6.2 through 6.2.8 and 7.1 through 7.1.1.12, along with any versions before 7.5.0.3.
What types of attacks can CVE-2013-3048 enable?
CVE-2013-3048 can enable remote authenticated users to inject arbitrary web scripts or HTML, leading to cross-site scripting (XSS) attacks.
Is CVE-2013-3048 easy to exploit?
Exploitation of CVE-2013-3048 is relatively easy for authenticated users, as it requires no special access beyond user authentication.

collector/nvd-index
agent/references
agent/severity
agent/weakness
agent/author
agent/tags
agent/type
agent/description
agent/event
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
vendor/ibm
canonical/ibm maximo asset management
version/ibm maximo asset management/7.5.0.0
version/ibm maximo asset management/7.5.0.1
version/ibm maximo asset management/7.5.0.2
version/ibm maximo asset management/6.2
version/ibm maximo asset management/6.2.1
version/ibm maximo asset management/6.2.2
version/ibm maximo asset management/6.2.3
version/ibm maximo asset management/6.2.4
version/ibm maximo asset management/6.2.5
version/ibm maximo asset management/6.2.6
version/ibm maximo asset management/6.2.6.1
version/ibm maximo asset management/6.2.7
version/ibm maximo asset management/7.1
version/ibm maximo asset management/7.1.1
version/ibm maximo asset management/7.1.1.1
version/ibm maximo asset management/7.1.1.2
version/ibm maximo asset management/7.1.1.5
version/ibm maximo asset management/7.1.1.6
version/ibm maximo asset management/7.1.1.7
version/ibm maximo asset management/7.1.1.8
version/ibm maximo asset management/7.1.1.9
version/ibm maximo asset management/7.1.1.10
version/ibm maximo asset management/7.1.1.11

Frequently Asked Questions

What is the severity of CVE-2013-3048?
The CVE-2013-3048 vulnerability is considered to have a medium severity due to its potential for cross-site scripting attacks.
How do I fix CVE-2013-3048?
To fix CVE-2013-3048, update IBM Maximo Asset Management to version 7.5.0.3 or later, or apply available patches provided by IBM.
Who is affected by CVE-2013-3048?
CVE-2013-3048 affects IBM Maximo Asset Management versions 6.2 through 6.2.8 and 7.1 through 7.1.1.12, along with any versions before 7.5.0.3.
What types of attacks can CVE-2013-3048 enable?
CVE-2013-3048 can enable remote authenticated users to inject arbitrary web scripts or HTML, leading to cross-site scripting (XSS) attacks.
Is CVE-2013-3048 easy to exploit?
Exploitation of CVE-2013-3048 is relatively easy for authenticated users, as it requires no special access beyond user authentication.

CVE-2013-3048: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-3048?

How do I fix CVE-2013-3048?

Who is affected by CVE-2013-3048?

What types of attacks can CVE-2013-3048 enable?

Is CVE-2013-3048 easy to exploit?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-3048?

How do I fix CVE-2013-3048?

Who is affected by CVE-2013-3048?

What types of attacks can CVE-2013-3048 enable?

Is CVE-2013-3048 easy to exploit?