CVE-2013-5402
Published Dec 18, 2013
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management, Maximo Asset Management Essentials, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life Sciences, Maximo for Oil and Gas, and Maximo for Utilities 7.1.x through 7.1.1.12, 7.1.2, 7.5 before 7.5.0.3 IFIX014, and 7.5.0.5 before IFIX003; SmartCloud Control Desk (SCCD) 7.5 before 7.5.0.3 IFIX014 and 7.5.0.5 before IFIX003; and Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB) 7.1.x through 7.1.1.12, 7.1.2, and 7.2.x through 7.2.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DE721CF9-0F75-410B-A0F4-542041E25925"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F261A268-7CD0-4328-8FBB-6AC40927DDFC"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "537C2C01-302E-48A2-9D50-C98AB6DBC466"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65C72B48-0C0F-4C90-A34B-528A5C67432C"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "59090B6A-09AE-4597-A60A-38C20AEA8F3E"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74B7BC68-4BCB-4E02-9F6D-0F99DBE87FF0"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FB99EBA-9725-4AB3-B816-5E00ADD7B7EC"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "19A4B2CD-94F5-4449-8D1F-E69C3BA9929C"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F077F88-37D3-43FA-8EA6-A7FBD9869AA9"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "741A13F4-DED0-43A2-8761-AAEAA0557B96"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8945E452-7D50-4C59-B8CE-8F1C756DB01A"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0632D29-B9B9-48E1-9762-A80B660CEBA1"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "41ED069C-0C1B-4D0E-A077-E095897003DF"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B590C42-21A1-4C62-8293-5A0D7AD628E4"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "01604919-877F-4BDF-A137-C1A54E04BEC6"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4577B9CD-45CA-4D01-B99D-7C39131C9C35"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EBB734EA-42EE-4BE0-934E-9E783BCDA31A"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36BB996E-17BC-4E35-97A0-142946F6B2AD"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85457F6C-80FE-4E9F-BAB6-58B0485D8B7B"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCA89D39-C008-49CD-9D1E-7109644970AB"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F7AF98E-13F3-4D28-9BD1-4D17DFF290D2"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CF1B4FA-A938-4A1C-91C7-21255ACDB0DF"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8E5C2A28-739B-42A3-9161-E88BACB1876A"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7BB685AE-C72D-41BD-B9E3-0767328EAB73"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_asset_management_essentials:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8BDC50C9-49EF-47CA-88FB-A8BCDF44922B"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D8673B0-D385-467A-A60C-90A436C976D3"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E13EC59E-0D34-429E-857A-6553286B95B4"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E847B9C-EBB6-47EF-8519-52F3B0ED13FA"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C99DF69D-4963-4BC7-81DE-7091FDD7FC13"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9E000525-2222-4B9D-9631-7A2EF8DF5EF6"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D91D1E87-8812-4B7A-A4CF-E78D64247F11"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_government:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "542A832F-E26D-4232-BC5A-FB93F0A33072"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9B315997-8DD3-4244-B292-68568FB82CED"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82E905E5-EF91-4CD3-B30F-06B9BDFD07A9"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9956CC67-C6C5-454C-AB39-D6E2B182B256"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7A031C08-3502-4770-838F-C9481F92E3DA"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40421A30-9CD0-46FE-8723-E4AC6EA51F07"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE4951D3-68F8-4A99-9F3C-7C5118CBBCF1"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_life_sciences:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C24B38BD-2A3B-4B00-B053-06F5AB32265C"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4796CF9E-0065-4DE2-8C7A-22EB76F65E8E"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D0C60408-42F0-495B-840B-9A2F5C9CE5E2"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85D493B1-2E6E-48B4-9FA3-78D8F6447F12"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D1452A20-CF6F-4150-B543-ECB9C8E921D2"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3985E49F-DDA0-4344-9088-4C961A3F7CAF"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B47280A1-1E0C-4D58-AB28-4E85DFEB3081"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_nuclear_power:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "08080694-7D79-42B4-BEFF-36C2435BF0AE"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "764D9D95-26A8-441E-95E1-55C9CDEA59BD"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "348A5D33-4B81-479F-AE61-4C17642F11EA"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "470406C7-0F53-47B9-8A5B-E8053DC37640"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51692CC8-DB5B-45DF-B1C4-0F977350A99A"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F94013B4-56FD-4380-A08C-3867FD3C0B8A"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "65878D4F-0171-4BF0-AAB1-9AB8A95EEDB2"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_oil_and_gas:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A37A2515-3CB2-4D36-BAED-D5915CAD8BB8"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F780ADF-3151-4B2C-98B9-7FFD0DB47A57"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F61A8511-5C5E-4328-998A-28D3229B9B38"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4A723D1C-A9AF-4D7F-9E76-14AAE49E2D87"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "615A3FF9-B20F-4C4E-9A6E-5A6F71A938B1"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6F36331-E40D-4F7D-A748-8F87DC17B1E9"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E285BF7C-B698-4F56-A172-B196B7694987"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_transportation:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D069E18-1DBB-4537-AAE3-1D42C492D4B1"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "553D4A7C-E2F0-40F7-88FC-AB372DFCA9DD"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "982661EA-3176-4854-A64C-9F32751A045C"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9688CC0-4A67-4884-B327-B403ABF59A12"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "57B19AFE-7D8B-48E4-9012-7AA3FA885DC8"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AF3175D9-FB46-41FF-97D1-1E86497195BF"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E1D9AD3-5F06-48A0-B5E9-6B58B90ED75D"
},
{
"criteria": "cpe:2.3:a:ibm:maximo_for_utilities:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C7E5F34-0898-467E-A148-B14078C3239C"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83265FEF-C0CF-47B9-9A62-020897AABC5F"
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55A421E5-F65D-459D-87E3-6398D587F8C0"
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "868B2E44-6193-4159-8D87-C77B468B02DF"
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0F37D573-8E61-41D1-AC4D-D5AAA7C46CCE"
},
{
"criteria": "cpe:2.3:a:ibm:smartcloud_control_desk:7.5.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "397FB717-6568-4037-8D7F-D31CF18E0782"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:change_and_configuration_management_database:7.1.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "250FC595-3DB0-4860-9FF1-AC0215A9D3C7"
},
{
"criteria": "cpe:2.3:a:ibm:change_and_configuration_management_database:7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E052B5F4-34AD-46CE-836F-43FCD4B5B7BE"
},
{
"criteria": "cpe:2.3:a:ibm:change_and_configuration_management_database:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83470AC7-A06B-4443-9E60-B0AA18B69AC7"
},
{
"criteria": "cpe:2.3:a:ibm:change_and_configuration_management_database:7.2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29A7E369-EBBD-4456-AE47-712CB273F40A"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6562F50F-0566-4C82-AE66-36049B220C2D"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7CEE1180-9EC7-4078-B90E-077489E4F586"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D5C1BCF-1DC0-45E7-B624-9221F8610346"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_asset_management_for_it:7.2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EF1F14EE-6B26-427D-8FFB-94EC042C0FBA"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.1.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CC0184C-0593-4C37-AC63-5B09FD21B3B1"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "477D96BA-18FC-4B02-B0F7-276F93D9A25A"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95FF438A-31FC-44DD-AC14-C9332F0B0A3D"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.2.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B1F47F9-4D3D-439A-BEE8-F270C9BA7B71"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_service_request_manager:7.2.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "87F7EA33-B49A-4283-8A00-9B629508143E"
}
],
"operator": "OR"
}
]
}
]