CVE-2014-6100

Published Oct 19, 2014
Last updated 3 months ago
CVSS info 3.5
Overview

Description: Cross-site scripting (XSS) vulnerability in the Admin UI in IBM Tivoli Directory Server 6.1 before 6.1.0.64-ISS-ITDS-IF0064, 6.2 before 6.2.0.39-ISS-ITDS-FP0039, and 6.3 before 6.3.0.33-ISS-ITDS-IF0033, and IBM Security Directory Server 6.3.1 before 6.3.1.7-ISS-ISDS-IF0007, allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Source: psirt@us.ibm.com
NVD status: Modified
Risk scores

CVSS 2.0

Type: Primary
Base score: 3.5
Impact score: 2.9
Exploitability score: 6.8
Vector string: AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: CWE-79
Hype score: Not currently trending
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76D71241-E8BE-4E48-8E25-DFCC919FF5E9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47D9A14A-E167-49AF-B675-B7C7933F64D5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E22DDAC-4419-4214-BBB8-4984AA8F9090"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC77DA6D-55EC-4B98-9E75-57F9AD0642DA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0837005C-126A-4800-A3B1-74A22F0DC617"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07D1C332-CFFA-4FA5-9BEF-673BE30E8378"
          },
          {
            "criteria": "cpe:2.3:a:ibm:security_directory_server:6.3.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69DE7246-2030-4F00-A3B5-B9E911441449"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "06626F2E-605A-4AA0-839D-B035336453E1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F468434-0317-435A-B2A6-5923A88A090F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E79197BC-3BDF-4F38-B63F-1B2A658B645F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7B1402A-B3C3-4210-928F-6EFCCE2DE1CF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "92D48F0B-C9E2-4381-8463-83FF47136EB8"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36308D0C-D92C-4857-A857-097F383EE76C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A84CEB80-796F-4928-A2A0-73E604543A70"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "462385FC-F345-42EE-ABF0-E1781CC648A9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F10F3910-5616-41A2-A3BF-18FA4DD68631"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "51C34738-5F9B-43A7-987F-EB805B31119E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6AA93B63-9D15-4784-8585-DBC139A382E7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55D84E30-1F23-4A6A-B622-78DBEEBEFB46"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50C9A7DF-6968-41CC-911A-B746CB43AA82"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EA493E1-F791-4FE5-9F7E-36CAC0D942C2"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7365156-4EA3-476A-A395-FADEDF1BA80A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "321B15BC-2653-4B64-A5AE-9FCA6A08713C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A1B527B-E07D-4543-92A6-0EE58CB8FECC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.17:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CDBA9D2-E683-431A-B06C-5CCA55E44EA9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.18:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EF4AFCB-755A-40E9-AB2B-4FDFD10B0388"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "86556AFA-F4F5-4C29-B59D-DC5281375E07"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E16D75E-7678-48AF-AA2D-33C167ACC99E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FBB97A26-E8A9-418C-87C9-F4837BF6680A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AFFA6A4C-8EE2-4898-9AEB-CA5EBE4BC5E9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3922010D-4867-402C-9EC5-98FDEB281EA0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.24:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC6C026-A23F-4A12-BE0C-3333B9D5A0DE"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "297D92F4-51B0-4DC0-B872-984AD0A6008F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4B93E759-1B76-421D-9684-F6FF77A99E6C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.27:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "344605B3-15C9-4E36-A22B-7EBC1207A03E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.28:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F15D60CA-8B3C-48D7-A860-1B72BCA14CFA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD03B74B-E234-4757-8D98-896DEA4CED7F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.30:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BAF9CDD0-3F78-4489-A18D-40A1FAF705F1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3CBF6D03-9A58-477D-B5D0-030A373A58AA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C7636BE-22BB-44C3-B303-9780E2A24487"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E4E6E83-914D-467F-9EEA-56669B95CCAD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38BBCED9-4260-40DC-A9A6-40CDB09BA92E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.35:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D297D508-ACC2-41E7-B3F5-5AEDFE3E2453"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.36:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DBD3BA3E-E015-4CB7-B686-19F45F8221C1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.37:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "90F615EC-7530-468D-B62E-B07A1FE0431B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7E278A8E-D7B6-450C-92D6-9955B22E18C5"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.39:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB9D85F4-1019-419D-8769-B1636385384C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.45:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A43ECBF2-8D39-469F-8D45-B2FA44B3A9FC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.46:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "18ABDC8A-118C-4A35-A396-1020A9469D82"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.47:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "38204AD1-BF0E-4521-9EE6-66214B4A353B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.48:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "218DD29F-18C9-489D-9273-4705BFCDE0F6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.63:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61B7FD9C-FEA9-4001-BD48-10B02B38989E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5682108-A76B-443A-A172-7F17F54B5983"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7165C049-258B-425D-B36B-152BBF3F8727"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "653551D3-88A3-4E69-A1B1-64326BEF1F18"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2CBAF2E5-4931-41AF-BCDA-D769B06FB05E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98186E56-0F75-4306-9E34-A388EA2FD6C4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2FC2A00D-4A9E-4BB7-81E6-A0D3A8434EA3"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D0CB6BE6-C851-4C31-A016-CCD4937277D9"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2260260B-B69E-4B59-A0D1-1F71B92ABDFA"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8BFF1C8-8AEA-43FC-B76C-F4A44A713F9E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E08631DE-72C4-462B-9763-41783EA8963C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50315494-8C1B-436B-8E24-8B8CA565FB17"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2759F8BC-8400-4AB1-81DD-51BD69BB720E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEEB330D-5FC6-424B-85EF-06A56329FFEC"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3588C1D0-3C8F-4C7A-A7F7-94EE51FA7ECF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33DE5E95-BA4A-42A2-B376-373331D9934E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6D5D35E5-AFBE-4D90-9E89-9251C45CF0DB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B87492D7-D0C6-4E4A-87B3-F44BC3149101"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.19:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "262F93A7-54A6-4D06-B5D1-FF6F7740044B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4798A6D-E4F3-4481-B2C2-DCA4BCD97572"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE5E8D59-79F9-46D1-A1A7-608FA49F7121"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BB8B3BE0-2515-4CB1-B124-5462703CD32B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.2.0.38:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3DD471E9-2DD0-4364-ABC2-9CFC0747A477"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5C3DDD9-9013-414E-B5EB-65F576E12778"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D48029C-3455-46A6-A8CA-8013A167979B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D872267B-B01D-4723-A522-8CDF684CB980"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2234E088-31ED-4BBF-94C5-131E3B0CB994"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CCF803A-86AE-4875-ABD8-2DDB44D88F56"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB3E505A-C749-4465-964F-0699DB9C094A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3B64779-4C28-4538-8F3C-EE32152AA8AD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.3.0.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CEFC8686-795C-455B-B411-BD56E91683CD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References
