CVE-2013-3034

{"id": "CVE-2013-3034", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2013-08-16T01:55:15.777", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21646136", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.securityfocus.com/bid/61757", "source": "psirt@us.ibm.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84646", "source": "psirt@us.ibm.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21646136", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/61757", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84646", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in IBM InfoSphere Information Server through 8.5 FP3, 8.7 through FP2, and 9.1 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the web console."}, {"lang": "es", "value": "Vulnerabilidad Cross-site scripting (XSS) en IBM InfoSphere Information Server hasta  v8.5 FP3, v8.7 hasta FP2, y v9.1 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML a trav\u00e9s de vectores relacionados con la consola web."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0952B898-6071-4709-B6EF-14CD42078181", "versionEndIncluding": "8.5"}, {"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "317FAE67-76E2-4084-9393-8A02D255BAF5"}, {"criteria": "cpe:2.3:a:ibm:infosphere_information_server:8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42A9CF5C-79EC-4BBF-92AF-2AB3DC125684"}, {"criteria": "cpe:2.3:a:ibm:infosphere_information_server:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3BF0A4B-5DDB-420D-B1F2-8C1ED23F60CF"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}