CVE-2015-1988
Summary
| CVE | CVE-2015-1988 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-10-04 02:59:00 UTC |
| Updated | 2019-06-13 14:35:00 UTC |
| Description | Cross-site scripting (XSS) vulnerability in IBM Tivoli Storage Manger for Virtual Environments: Data Protection for VMware 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.3 and Tivoli Storage FlashCopy Manager for VMware 3.1 before 3.1.1.3, 3.2 before 3.2.0.6, and 4.1 before 4.1.3.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. |
Risk And Classification
Problem Types: CWE-79
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Tivoli Storage Flashcopy Manager | All | All | All | All |
| Application | Ibm | Tivoli Storage Flashcopy Manager | All | All | All | All |
| Application | Ibm | Tivoli Storage Flashcopy Manager | All | All | All | All |
| Application | Ibm | Tivoli Storage Manager For Virtual Environments | All | All | All | All |
| Application | Ibm | Tivoli Storage Manager For Virtual Environments | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM Security Bulletin: Cross-site Scripting vulnerability affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware and IBM Tivoli Storage FlashCopy Manager for VMware (CVE-2015-1988) - United States | CONFIRM | www-01.ibm.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.