1. Home
  2. CVE Database
  3. CVE-2012-3326
MEDIUM · 4.3

CVE-2012-3326

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, an...

Vulnerability Description

Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, and Change and Configuration Management Database (CCMDB), allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS Score

4.3

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N
Confidentiality
NONE
Integrity
PARTIAL
Availability
NONE

Affected Products

VendorProductVersions
IbmChange And Configuration Management Database6.0
IbmMaximo Asset Management7.5.0.0
IbmMaximo Service Desk6.2
IbmSmartcloud Control Desk7.0
IbmTivoli Asset Management For It6.0
IbmTivoli Service Request Manager7.0

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2012-3326?

CVE-2012-3326 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5, as used in SmartCloud Control Desk, Tivoli Asset Management for IT, Tivoli Service Request Manager, Maximo Service Desk, an...

How severe is CVE-2012-3326?

CVE-2012-3326 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-3326?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Change And Configuration Management Database, Ibm Maximo Asset Management, Ibm Maximo Service Desk, Ibm Smartcloud Control Desk, Ibm Tivoli Asset Management For It.