What is the severity of CVE-2014-6150?

The severity of CVE-2014-6150 is classified as medium due to potential exploitation by authenticated users.

Who is affected by CVE-2014-6150?

CVE-2014-6150 affects users of IBM Tivoli Application Dependency Discovery Manager versions 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2.

What types of vulnerabilities does CVE-2014-6150 represent?

CVE-2014-6150 represents a cross-site scripting (XSS) vulnerability that allows script injection.

Can CVE-2014-6150 be exploited remotely?

Yes, CVE-2014-6150 can be exploited remotely by authenticated users who craft specific URLs.

Vulnerability/
CVE-2014-6150

low

3.5

CWE

31/10/2014

6/8/2024

CVE-2014-6150: XSS

First published: Fri Oct 31 2014(Updated: )

Cross-site scripting (XSS) vulnerability in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Tivoli Application Dependency Discovery Manager	=7.2.1
IBM Tivoli Application Dependency Discovery Manager	=7.2.1.1
IBM Tivoli Application Dependency Discovery Manager	=7.2.1.2
IBM Tivoli Application Dependency Discovery Manager	=7.2.1.3
IBM Tivoli Application Dependency Discovery Manager	=7.2.1.4
IBM Tivoli Application Dependency Discovery Manager	=7.2.1.5
IBM Tivoli Application Dependency Discovery Manager	=7.2.1.6
IBM Tivoli Application Dependency Discovery Manager	=7.2.2
IBM Tivoli Application Dependency Discovery Manager	=7.2.2.1
IBM Tivoli Application Dependency Discovery Manager	=7.2.2.2

Remedy

http://www-01.ibm.com/support/docview.wss?uid=swg21688424

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-6150?
The severity of CVE-2014-6150 is classified as medium due to potential exploitation by authenticated users.
How do I fix CVE-2014-6150?
To fix CVE-2014-6150, update your IBM Tivoli Application Dependency Discovery Manager to a patched version beyond 7.2.2.2.
Who is affected by CVE-2014-6150?
CVE-2014-6150 affects users of IBM Tivoli Application Dependency Discovery Manager versions 7.2.1.0 through 7.2.1.6 and 7.2.2.0 through 7.2.2.2.
What types of vulnerabilities does CVE-2014-6150 represent?
CVE-2014-6150 represents a cross-site scripting (XSS) vulnerability that allows script injection.
Can CVE-2014-6150 be exploited remotely?
Yes, CVE-2014-6150 can be exploited remotely by authenticated users who craft specific URLs.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/weakness
agent/remedy
agent/severity
agent/last-modified-date
agent/references
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/source
vendor/ibm
canonical/ibm tivoli application dependency discovery manager
version/ibm tivoli application dependency discovery manager/7.2.1
version/ibm tivoli application dependency discovery manager/7.2.1.1
version/ibm tivoli application dependency discovery manager/7.2.1.2
version/ibm tivoli application dependency discovery manager/7.2.1.3
version/ibm tivoli application dependency discovery manager/7.2.1.4
version/ibm tivoli application dependency discovery manager/7.2.1.5
version/ibm tivoli application dependency discovery manager/7.2.1.6
version/ibm tivoli application dependency discovery manager/7.2.2
version/ibm tivoli application dependency discovery manager/7.2.2.1
version/ibm tivoli application dependency discovery manager/7.2.2.2

CVE-2014-6150: XSS

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-6150?

How do I fix CVE-2014-6150?

Who is affected by CVE-2014-6150?

What types of vulnerabilities does CVE-2014-6150 represent?

Can CVE-2014-6150 be exploited remotely?

Company

Resources

Contact