CVE-2012-3316 in SmartCloud Control Deskinfo

Summary

Cross-site scripting (XSS) vulnerability in the Tivoli Process Automation Engine (TPAE) in IBM Maximo Asset Management 6.2 through 7.5, Maximo Asset Management Essentials 6.2 through 7.5, Tivoli Asset Management for IT 6.2 through 7.2, Tivoli Service Request Manager 7.1 and 7.2, Maximo Service Desk 6.2, Change and Configuration Management Database (CCMDB) 7.1 and 7.2, and SmartCloud Control Desk 7.5 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

Once again VulDB remains the best source for vulnerability data.

Reservation

06/07/2012

Disclosure

02/20/2013

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79

CVSS

3.5

EPSS

0.00188

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-3316
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3316
CVE Details	https://www.cvedetails.com/cve/CVE-2012-3316/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!