What is the severity of CVE-2014-6175?

The severity of CVE-2014-6175 is classified as medium due to its potential impact on web application security through cross-site scripting.

How do I fix CVE-2014-6175?

To fix CVE-2014-6175, upgrade IBM Marketing Operations to versions 8.5.0.7.2, 8.6.0.8, or later, or any fixed version mentioned in the security advisory.

Who is affected by CVE-2014-6175?

CVE-2014-6175 affects users of IBM Marketing Operations versions 7.x, 8.x, 9.0.x, 9.1.0.x, and 9.1.1.x prior to their respective patched versions.

What type of attack can exploit CVE-2014-6175?

CVE-2014-6175 can be exploited to perform cross-site scripting (XSS) attacks, allowing an attacker to inject arbitrary scripts into web pages viewed by users.

Is user authentication required to exploit CVE-2014-6175?

Yes, remote authenticated users are required to exploit CVE-2014-6175, making it a privilege escalation vulnerability.

Vulnerability/
CVE-2014-6175

low

3.5

CWE

7/6/2015

6/8/2024

CVE-2014-6175: XSS

First published: Sun Jun 07 2015(Updated: )

Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Marketing Operations	=7.2.0.0
IBM Marketing Operations	=7.2.0.4
IBM Marketing Operations	=7.2.1.0
IBM Marketing Operations	=7.2.1.12
IBM Marketing Operations	=7.3.2.0
IBM Marketing Operations	=7.3.2.1
IBM Marketing Operations	=7.3.2.8
IBM Marketing Operations	=7.4.0.0
IBM Marketing Operations	=7.4.0.2
IBM Marketing Operations	=7.4.1.0
IBM Marketing Operations	=7.4.1.6
IBM Marketing Operations	=7.4.2.0
IBM Marketing Operations	=7.4.2.7
IBM Marketing Operations	=7.5.0.0
IBM Marketing Operations	=7.5.0.1
IBM Marketing Operations	=7.5.2.0
IBM Marketing Operations	=7.5.2.3
IBM Marketing Operations	=7.5.3.0
IBM Marketing Operations	=7.5.3.7
IBM Marketing Operations	=7.5.3.8
IBM Marketing Operations	=7.5.3.9
IBM Marketing Operations	=8.0.0.0
IBM Marketing Operations	=8.0.0.2
IBM Marketing Operations	=8.1.0.0
IBM Marketing Operations	=8.1.0.6
IBM Marketing Operations	=8.1.0.7
IBM Marketing Operations	=8.1.1.0
IBM Marketing Operations	=8.1.1.4
IBM Marketing Operations	=8.2.0.0
IBM Marketing Operations	=8.2.0.5
IBM Marketing Operations	=8.2.0.6
IBM Marketing Operations	=8.2.0.7
IBM Marketing Operations	=8.2.0.8
IBM Marketing Operations	=8.2.0.9
IBM Marketing Operations	=8.2.0.10
IBM Marketing Operations	=8.2.0.11
IBM Marketing Operations	=8.2.0.12
IBM Marketing Operations	=8.2.0.13
IBM Marketing Operations	=8.5.0.0
IBM Marketing Operations	=8.5.0.1
IBM Marketing Operations	=8.5.0.2
IBM Marketing Operations	=8.5.0.3
IBM Marketing Operations	=8.5.0.4
IBM Marketing Operations	=8.5.0.5
IBM Marketing Operations	=8.5.0.6
IBM Marketing Operations	=8.5.0.7
IBM Marketing Operations	=8.6.0.0
IBM Marketing Operations	=8.6.0.2
IBM Marketing Operations	=8.6.0.3
IBM Marketing Operations	=8.6.0.4
IBM Marketing Operations	=8.6.0.5
IBM Marketing Operations	=8.6.0.6
IBM Marketing Operations	=8.6.0.7
IBM Marketing Operations	=9.0.0.0
IBM Marketing Operations	=9.0.0.1
IBM Marketing Operations	=9.0.0.2
IBM Marketing Operations	=9.0.0.3
IBM Marketing Operations	=9.0.0.4
IBM Marketing Operations	=9.1.0.0
IBM Marketing Operations	=9.1.0.2
IBM Marketing Operations	=9.1.0.3
IBM Marketing Operations	=9.1.0.4
IBM Marketing Operations	=9.1.1.0
IBM Marketing Operations	=9.1.1.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-6175?
The severity of CVE-2014-6175 is classified as medium due to its potential impact on web application security through cross-site scripting.
How do I fix CVE-2014-6175?
To fix CVE-2014-6175, upgrade IBM Marketing Operations to versions 8.5.0.7.2, 8.6.0.8, or later, or any fixed version mentioned in the security advisory.
Who is affected by CVE-2014-6175?
CVE-2014-6175 affects users of IBM Marketing Operations versions 7.x, 8.x, 9.0.x, 9.1.0.x, and 9.1.1.x prior to their respective patched versions.
What type of attack can exploit CVE-2014-6175?
CVE-2014-6175 can be exploited to perform cross-site scripting (XSS) attacks, allowing an attacker to inject arbitrary scripts into web pages viewed by users.
Is user authentication required to exploit CVE-2014-6175?
Yes, remote authenticated users are required to exploit CVE-2014-6175, making it a privilege escalation vulnerability.

collector/nvd-index
agent/type
agent/references
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/weakness
agent/severity
agent/author
agent/description
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/ibm
canonical/ibm marketing operations
version/ibm marketing operations/7.2.0.0
version/ibm marketing operations/7.2.0.4
version/ibm marketing operations/7.2.1.0
version/ibm marketing operations/7.2.1.12
version/ibm marketing operations/7.3.2.0
version/ibm marketing operations/7.3.2.1
version/ibm marketing operations/7.3.2.8
version/ibm marketing operations/7.4.0.0
version/ibm marketing operations/7.4.0.2
version/ibm marketing operations/7.4.1.0
version/ibm marketing operations/7.4.1.6
version/ibm marketing operations/7.4.2.0
version/ibm marketing operations/7.4.2.7
version/ibm marketing operations/7.5.0.0
version/ibm marketing operations/7.5.0.1
version/ibm marketing operations/7.5.2.0
version/ibm marketing operations/7.5.2.3
version/ibm marketing operations/7.5.3.0
version/ibm marketing operations/7.5.3.7
version/ibm marketing operations/7.5.3.8
version/ibm marketing operations/7.5.3.9
version/ibm marketing operations/8.0.0.0
version/ibm marketing operations/8.0.0.2
version/ibm marketing operations/8.1.0.0
version/ibm marketing operations/8.1.0.6
version/ibm marketing operations/8.1.0.7
version/ibm marketing operations/8.1.1.0
version/ibm marketing operations/8.1.1.4
version/ibm marketing operations/8.2.0.0
version/ibm marketing operations/8.2.0.5
version/ibm marketing operations/8.2.0.6
version/ibm marketing operations/8.2.0.7
version/ibm marketing operations/8.2.0.8
version/ibm marketing operations/8.2.0.9
version/ibm marketing operations/8.2.0.10
version/ibm marketing operations/8.2.0.11
version/ibm marketing operations/8.2.0.12
version/ibm marketing operations/8.2.0.13
version/ibm marketing operations/8.5.0.0
version/ibm marketing operations/8.5.0.1
version/ibm marketing operations/8.5.0.2
version/ibm marketing operations/8.5.0.3
version/ibm marketing operations/8.5.0.4
version/ibm marketing operations/8.5.0.5
version/ibm marketing operations/8.5.0.6
version/ibm marketing operations/8.5.0.7
version/ibm marketing operations/8.6.0.0
version/ibm marketing operations/8.6.0.2
version/ibm marketing operations/8.6.0.3
version/ibm marketing operations/8.6.0.4
version/ibm marketing operations/8.6.0.5
version/ibm marketing operations/8.6.0.6
version/ibm marketing operations/8.6.0.7
version/ibm marketing operations/9.0.0.0
version/ibm marketing operations/9.0.0.1
version/ibm marketing operations/9.0.0.2
version/ibm marketing operations/9.0.0.3
version/ibm marketing operations/9.0.0.4
version/ibm marketing operations/9.1.0.0
version/ibm marketing operations/9.1.0.2
version/ibm marketing operations/9.1.0.3
version/ibm marketing operations/9.1.0.4
version/ibm marketing operations/9.1.1.0
version/ibm marketing operations/9.1.1.1

CVE-2014-6175: XSS

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-6175?

How do I fix CVE-2014-6175?

Who is affected by CVE-2014-6175?

What type of attack can exploit CVE-2014-6175?

Is user authentication required to exploit CVE-2014-6175?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2014-6175?

How do I fix CVE-2014-6175?

Who is affected by CVE-2014-6175?

What type of attack can exploit CVE-2014-6175?

Is user authentication required to exploit CVE-2014-6175?