Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for tivoli_integrated_portal by ibm

    CVE-2016-0303 (GCVE-0-2016-0303)

    Vulnerability from nvd – Published: 2018-02-02 21:00 – Updated: 2024-08-05 22:15
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    Date Public
    2016-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:15:23.312Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-02T20:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0303",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0303",
        "datePublished": "2018-02-02T21:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:15:23.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-6152 (GCVE-0-2014-6152)

    Vulnerability from nvd – Published: 2014-10-25 10:00 – Updated: 2024-08-06 12:10
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    URL Tags
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://secunia.com/advisories/61899 third-party-advisoryx_refsource_SECUNIA
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    http://www.securityfocus.com/bid/70729 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2014-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T12:10:12.192Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
              },
              {
                "name": "61899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/61899"
              },
              {
                "name": "PI27417",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
              },
              {
                "name": "70729",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/70729"
              },
              {
                "name": "ibm-tivoli-cve20146152-xss(97034)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97034"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-07T15:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
            },
            {
              "name": "61899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/61899"
            },
            {
              "name": "PI27417",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
            },
            {
              "name": "70729",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/70729"
            },
            {
              "name": "ibm-tivoli-cve20146152-xss(97034)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97034"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-6152",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
                },
                {
                  "name": "61899",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/61899"
                },
                {
                  "name": "PI27417",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
                },
                {
                  "name": "70729",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/70729"
                },
                {
                  "name": "ibm-tivoli-cve20146152-xss(97034)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97034"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-6152",
        "datePublished": "2014-10-25T10:00:00.000Z",
        "dateReserved": "2014-09-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T12:10:12.192Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-6151 (GCVE-0-2014-6151)

    Vulnerability from nvd – Published: 2014-10-25 10:00 – Updated: 2024-08-06 12:10
    VLAI
    Summary
    CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    URL Tags
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/70727 vdb-entryx_refsource_BID
    http://secunia.com/advisories/61899 third-party-advisoryx_refsource_SECUNIA
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2014-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T12:10:12.202Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
              },
              {
                "name": "70727",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/70727"
              },
              {
                "name": "61899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/61899"
              },
              {
                "name": "PI27417",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
              },
              {
                "name": "ibm-tivoli-cve20146151-response-splitting(97033)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97033"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-07T15:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
            },
            {
              "name": "70727",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/70727"
            },
            {
              "name": "61899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/61899"
            },
            {
              "name": "PI27417",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
            },
            {
              "name": "ibm-tivoli-cve20146151-response-splitting(97033)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97033"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-6151",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
                },
                {
                  "name": "70727",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/70727"
                },
                {
                  "name": "61899",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/61899"
                },
                {
                  "name": "PI27417",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
                },
                {
                  "name": "ibm-tivoli-cve20146151-response-splitting(97033)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97033"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-6151",
        "datePublished": "2014-10-25T10:00:00.000Z",
        "dateReserved": "2014-09-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T12:10:12.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3020 (GCVE-0-2014-3020)

    Vulnerability from nvd – Published: 2014-07-29 20:00 – Updated: 2024-08-06 10:28
    VLAI
    Summary
    install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    URL Tags
    http://secunia.com/advisories/59687 third-party-advisoryx_refsource_SECUNIA
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/69034 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://secunia.com/advisories/60552 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/59795 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2014-07-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:28:46.352Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "59687",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/59687"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680841"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679952"
              },
              {
                "name": "69034",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/69034"
              },
              {
                "name": "ibm-tip-ewas-cve20143020-install(93056)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93056"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680254"
              },
              {
                "name": "60552",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/60552"
              },
              {
                "name": "59795",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/59795"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "59687",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/59687"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680841"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679952"
            },
            {
              "name": "69034",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/69034"
            },
            {
              "name": "ibm-tip-ewas-cve20143020-install(93056)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93056"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680254"
            },
            {
              "name": "60552",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/60552"
            },
            {
              "name": "59795",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/59795"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-3020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "59687",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/59687"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680841",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680841"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679952",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679952"
                },
                {
                  "name": "69034",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/69034"
                },
                {
                  "name": "ibm-tip-ewas-cve20143020-install(93056)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93056"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680254",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680254"
                },
                {
                  "name": "60552",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/60552"
                },
                {
                  "name": "59795",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/59795"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-3020",
        "datePublished": "2014-07-29T20:00:00.000Z",
        "dateReserved": "2014-04-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:28:46.352Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0732 (GCVE-0-2011-0732)

    Vulnerability from nvd – Published: 2011-02-01 17:00 – Updated: 2024-09-16 16:52
    VLAI
    Summary
    Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal defects and APARs."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/43030 third-party-advisoryx_refsource_SECUNIA
    http://www.ibm.com/support/docview.wss?uid=swg1IY99978 vendor-advisoryx_refsource_AIXAPAR
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:05:52.871Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43030",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43030"
              },
              {
                "name": "IY99978",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg1IY99978"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to \"security vulnerabilities of Websphere Application Server bundled within\" and \"many internal defects and APARs.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-02-01T17:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "43030",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43030"
            },
            {
              "name": "IY99978",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IY99978"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-0732",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to \"security vulnerabilities of Websphere Application Server bundled within\" and \"many internal defects and APARs.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43030",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43030"
                },
                {
                  "name": "IY99978",
                  "refsource": "AIXAPAR",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg1IY99978"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-0732",
        "datePublished": "2011-02-01T17:00:00.000Z",
        "dateReserved": "2011-02-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:52:45.132Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-0303 (GCVE-0-2016-0303)

    Vulnerability from cvelistv5 – Published: 2018-02-02 21:00 – Updated: 2024-08-05 22:15
    VLAI
    Summary
    Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    Date Public
    2016-05-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:15:23.312Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2016-05-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-02T20:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0303",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting (XSS) vulnerability in IBM Tivoli Integrated Portal 2.2.0.0 through 2.2.0.15 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981591"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0303",
        "datePublished": "2018-02-02T21:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:15:23.312Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-6151 (GCVE-0-2014-6151)

    Vulnerability from cvelistv5 – Published: 2014-10-25 10:00 – Updated: 2024-08-06 12:10
    VLAI
    Summary
    CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    URL Tags
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/70727 vdb-entryx_refsource_BID
    http://secunia.com/advisories/61899 third-party-advisoryx_refsource_SECUNIA
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2014-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T12:10:12.202Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
              },
              {
                "name": "70727",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/70727"
              },
              {
                "name": "61899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/61899"
              },
              {
                "name": "PI27417",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
              },
              {
                "name": "ibm-tivoli-cve20146151-response-splitting(97033)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97033"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-07T15:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
            },
            {
              "name": "70727",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/70727"
            },
            {
              "name": "61899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/61899"
            },
            {
              "name": "PI27417",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
            },
            {
              "name": "ibm-tivoli-cve20146151-response-splitting(97033)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97033"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-6151",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "CRLF injection vulnerability in IBM Tivoli Integrated Portal (TIP) 2.2.x allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
                },
                {
                  "name": "70727",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/70727"
                },
                {
                  "name": "61899",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/61899"
                },
                {
                  "name": "PI27417",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
                },
                {
                  "name": "ibm-tivoli-cve20146151-response-splitting(97033)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97033"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-6151",
        "datePublished": "2014-10-25T10:00:00.000Z",
        "dateReserved": "2014-09-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T12:10:12.202Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-6152 (GCVE-0-2014-6152)

    Vulnerability from cvelistv5 – Published: 2014-10-25 10:00 – Updated: 2024-08-06 12:10
    VLAI
    Summary
    Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    URL Tags
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://secunia.com/advisories/61899 third-party-advisoryx_refsource_SECUNIA
    http://www-01.ibm.com/support/docview.wss?uid=swg… vendor-advisoryx_refsource_AIXAPAR
    http://www.securityfocus.com/bid/70729 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2014-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T12:10:12.192Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
              },
              {
                "name": "61899",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/61899"
              },
              {
                "name": "PI27417",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
              },
              {
                "name": "70729",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/70729"
              },
              {
                "name": "ibm-tivoli-cve20146152-xss(97034)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97034"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-09-07T15:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
            },
            {
              "name": "61899",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/61899"
            },
            {
              "name": "PI27417",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
            },
            {
              "name": "70729",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/70729"
            },
            {
              "name": "ibm-tivoli-cve20146152-xss(97034)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97034"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-6152",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple cross-site scripting (XSS) vulnerabilities in IBM Tivoli Integrated Portal (TIP) 2.2.x allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21687541"
                },
                {
                  "name": "61899",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/61899"
                },
                {
                  "name": "PI27417",
                  "refsource": "AIXAPAR",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PI27417"
                },
                {
                  "name": "70729",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/70729"
                },
                {
                  "name": "ibm-tivoli-cve20146152-xss(97034)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/97034"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-6152",
        "datePublished": "2014-10-25T10:00:00.000Z",
        "dateReserved": "2014-09-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T12:10:12.192Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-3020 (GCVE-0-2014-3020)

    Vulnerability from cvelistv5 – Published: 2014-07-29 20:00 – Updated: 2024-08-06 10:28
    VLAI
    Summary
    install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    ibm
    References
    URL Tags
    http://secunia.com/advisories/59687 third-party-advisoryx_refsource_SECUNIA
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/69034 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://secunia.com/advisories/60552 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/59795 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2014-07-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:28:46.352Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "59687",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/59687"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680841"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679952"
              },
              {
                "name": "69034",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/69034"
              },
              {
                "name": "ibm-tip-ewas-cve20143020-install(93056)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93056"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680254"
              },
              {
                "name": "60552",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/60552"
              },
              {
                "name": "59795",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/59795"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-07-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "59687",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/59687"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680841"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679952"
            },
            {
              "name": "69034",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/69034"
            },
            {
              "name": "ibm-tip-ewas-cve20143020-install(93056)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93056"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680254"
            },
            {
              "name": "60552",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/60552"
            },
            {
              "name": "59795",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/59795"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2014-3020",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "install.sh in the Embedded WebSphere Application Server (eWAS) 7.0 before FP33 in IBM Tivoli Integrated Portal (TIP) 2.1 and 2.2 sets world-writable permissions for the installRoot directory tree, which allows local users to gain privileges via a Trojan horse program."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "59687",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/59687"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680841",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680841"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21679952",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21679952"
                },
                {
                  "name": "69034",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/69034"
                },
                {
                  "name": "ibm-tip-ewas-cve20143020-install(93056)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93056"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680254",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680254"
                },
                {
                  "name": "60552",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/60552"
                },
                {
                  "name": "59795",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/59795"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2014-3020",
        "datePublished": "2014-07-29T20:00:00.000Z",
        "dateReserved": "2014-04-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:28:46.352Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-0732 (GCVE-0-2011-0732)

    Vulnerability from cvelistv5 – Published: 2011-02-01 17:00 – Updated: 2024-09-16 16:52
    VLAI
    Summary
    Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to "security vulnerabilities of Websphere Application Server bundled within" and "many internal defects and APARs."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/43030 third-party-advisoryx_refsource_SECUNIA
    http://www.ibm.com/support/docview.wss?uid=swg1IY99978 vendor-advisoryx_refsource_AIXAPAR
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:05:52.871Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "43030",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/43030"
              },
              {
                "name": "IY99978",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg1IY99978"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to \"security vulnerabilities of Websphere Application Server bundled within\" and \"many internal defects and APARs.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2011-02-01T17:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "43030",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/43030"
            },
            {
              "name": "IY99978",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IY99978"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-0732",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in IBM Tivoli Integrated Portal (TIP) 1.1.1.1, as used in IBM Tivoli Common Reporting (TCR) 1.2.0 before Interim Fix 9, have unknown impact and attack vectors, related to \"security vulnerabilities of Websphere Application Server bundled within\" and \"many internal defects and APARs.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "43030",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/43030"
                },
                {
                  "name": "IY99978",
                  "refsource": "AIXAPAR",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg1IY99978"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-0732",
        "datePublished": "2011-02-01T17:00:00.000Z",
        "dateReserved": "2011-02-01T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:52:45.132Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }