CVE-2009-3521

{"id": "CVE-2009-3521", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2009-10-01T17:00:00.217", "references": [{"url": "http://secunia.com/advisories/36901", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www-01.ibm.com/support/docview.wss?rs=71&uid=swg1PK90126", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/36551", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2009/2797", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site scripting (XSS) vulnerabilities in the Visualization Engine (VE) in IBM Tivoli Composite Application Manager for WebSphere (ITCAM) 6.1.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de secuencias de comandos en Visualization Engine (VE) en IBM Tivoli Composite Application Manager para WebSphere (ITCAM) v6.1.0 permite a atacantes remotos inyectar c\u00f3digo web o HTML a trav\u00e9s de vectores no especificados."}], "lastModified": "2009-10-01T17:00:00.217", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_composite_application_manager_for_wesbsphere:6.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "940A1F93-0561-48FD-AE14-CD099EAC1DC7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}