Search criteria
18 vulnerabilities found for marketing_operations by ibm
FKIE_CVE-2020-4125
Vulnerability from fkie_nvd - Published: 2020-07-20 22:15 - Updated: 2024-11-21 05:32
Severity ?
Summary
Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@hcl.com | https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080941 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0080941 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | marketing_operations | * | |
| ibm | marketing_operations | * | |
| ibm | marketing_operations | 9.1.2.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FAA8655-5455-48BB-A49F-CA6EC1BE05DC",
"versionEndIncluding": "10.1.0.3",
"versionStartIncluding": "10.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34C94E81-6269-4A32-AD6B-4E659C1C5130",
"versionEndIncluding": "11.1.0.2",
"versionStartIncluding": "11.1.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "4A70F5BA-22A6-47A3-89EA-91182624A85B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information."
},
{
"lang": "es",
"value": "Usando HCL Marketing Operations versiones 9.1.2.4, 10.1.x, 11.1.0.x, un atacante malicioso podr\u00eda descargar archivos desde el entorno RHEL al hacer alguna modificaci\u00f3n en el enlace, d\u00e1ndole acceso al atacante a informaci\u00f3n confidencial"
}
],
"id": "CVE-2020-4125",
"lastModified": "2024-11-21T05:32:17.787",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-20T22:15:11.907",
"references": [
{
"source": "psirt@hcl.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941"
}
],
"sourceIdentifier": "psirt@hcl.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-494"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2017-1119
Vulnerability from fkie_nvd - Published: 2018-11-09 01:29 - Updated: 2024-11-21 03:21
Severity ?
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Summary
IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=ibm10738519 | Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/121171 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=ibm10738519 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/121171 | VDB Entry, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | marketing_operations | * | |
| ibm | marketing_operations | * | |
| ibm | marketing_operations | 10.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "45596737-8425-4E13-BEE8-3F58E6405393",
"versionEndIncluding": "9.1.0.12",
"versionStartIncluding": "9.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93137CAF-FF3A-4D92-9867-202EDBB95C95",
"versionEndIncluding": "9.1.2.7",
"versionStartIncluding": "9.1.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED76351E-8D8B-43FA-985E-E80F3208F7A5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171."
},
{
"lang": "es",
"value": "IBM Marketing Operations 9.1.0, 9.1.2 y 10.1 pueden permitir que un atacante remoto obtenga informaci\u00f3n sensible. Un atacante puede enviar una petici\u00f3n especialmente manipulada para que se devuelva un mensaje de error que contenga la ruta de root completa. Un atacante podr\u00eda utilizar esta informaci\u00f3n para lanzar m\u00e1s ataques contra el sistema afectado. IBM X-Force ID: 121171."
}
],
"id": "CVE-2017-1119",
"lastModified": "2024-11-21T03:21:21.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-11-09T01:29:00.337",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738519"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121171"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-6112
Vulnerability from fkie_nvd - Published: 2017-05-22 20:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | marketing_platform | 8.6.0.0 | |
| ibm | marketing_platform | 9.0.0.0 | |
| ibm | marketing_platform | 9.1.0.0 | |
| ibm | marketing_platform | 9.1.2.0 | |
| ibm | marketing_platform | 10.0 | |
| ibm | marketing_operations | 8.6.0.0 | |
| ibm | marketing_operations | 9.0.0.0 | |
| ibm | marketing_operations | 9.1.0.0 | |
| ibm | marketing_operations | 10.0.0.0 | |
| ibm | distributed_marketing | 8.6.0.0 | |
| ibm | distributed_marketing | 9.0.0.0 | |
| ibm | distributed_marketing | 9.1.0.0 | |
| ibm | distributed_marketing | 10.0.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:marketing_platform:8.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B8A5AFAE-62C2-4606-8173-862BE8575821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_platform:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AFFD0672-3CA3-41C4-B20C-884DF334A176",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_platform:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "56A0E390-060B-4037-BD87-B0F96DE21CFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_platform:9.1.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "805E751A-E060-48BC-B98A-5EBDA75DBCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_platform:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A394A760-E812-4D3C-9B00-F55EEA03CFB5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFA73E2-B8C4-494F-B894-D25A024B4559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41E05D9-5E80-42F3-B7A3-C1933EB5D873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB557416-74AD-4E44-8440-1DEBD90AEC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:10.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C4655821-4F02-4B21-B451-F627ECADAED1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:distributed_marketing:8.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67832F29-CC33-43DE-BE61-5534B2DCD03E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:distributed_marketing:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "286F79AB-AE7E-4A30-9290-7F197268203E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:distributed_marketing:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3E69AC4F-A5CB-4270-9AE7-706D4D59F61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:distributed_marketing:10.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2E63FD79-9964-45C8-BE39-22D37ACECECD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282."
},
{
"lang": "es",
"value": "IBM Distributed Marketing y Marketing Platform 8.6, 9.0, 9.1 y 10.0 podr\u00eda permitir a un usuario autenticado escalar sus privilegios y obtener permisos administrativos sobre la aplicaci\u00f3n web. IBM X-Force ID: 118282."
}
],
"id": "CVE-2016-6112",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-22T20:29:00.173",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992739"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-8887
Vulnerability from fkie_nvd - Published: 2015-06-07 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E531A36F-A564-471F-BAD0-D1C5FC85DA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE23ADE-A03F-4D45-9E38-5CB6BEBEAB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7C4573-F53A-43EF-B440-58034244190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABAE3AA-4055-4F2B-B8A7-D6C3394B9E88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B71AD86-240D-4979-A77C-33696E4213DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F21BD4-DA4A-4136-BA6F-95874B8F8922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E34E9484-52FB-4B43-B4F5-8A38521C53A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "537D64AD-E149-4216-B44D-8BA332ABFD9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B341A3E2-4B41-4DEB-808A-91E9ACA72CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D67C55B1-026B-401F-ACDA-B66005CE32AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA042350-E6FA-41F3-919D-9C841758E372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "455339EF-4E46-49BE-981C-D33B95FC7178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67394F9C-E8E5-4D6D-95C3-B6EDE6B3AA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9AE915-AF90-4708-8F0C-AA1E5E665B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "080925DF-094A-4112-88FD-1D694783E0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "200D048E-AF6D-4297-BA6F-2B0DE85DC2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "785007F6-EE19-4656-9308-6E8AF0085301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0CF9F4-05B2-4421-BBDD-C1F40207046A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09BD7A-D6A5-4FF7-ADA4-938F3D5C65D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09BD533F-071B-4B7C-8F5B-00D4DDECFD40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98457298-9D1D-42C5-B881-6F44E6491B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6354E225-151F-47C4-9F09-8C8A48EBE0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B72D0B99-6EBF-4C26-BF10-386D6E85697F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D287267-07BB-4C69-8D45-BEB037A43C6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B011552F-ABB0-444A-9D29-007959F675E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC7CE4C-AB66-44F2-8C68-7EBBB5EF5D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EAB8BC-D328-433E-96A6-45D0E7DA22E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4A96506-150B-42AE-AECF-1B113711BD6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE31DEBA-4EE0-41E3-9AEA-598F16508CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "98E7EE0B-8C30-40E5-B13E-4372F544EA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAFA92D-5945-4C63-B1C7-D7E7382C91E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7F1AFD-EABC-4F3B-AB7D-9A7646A128EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBB9FB2-A887-48B1-BBA1-6433D3C4B349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "675ED36E-E604-47A0-9D25-1E226B34C60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3D201D6C-B4C1-4F70-9E2C-F9DD66C6365E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "264A3344-3C67-469D-B66B-7DF224C5CC5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "318EA510-B8F7-4D7F-885B-6587AE254331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B0464BC7-9657-45DC-BFAD-70DC752FCFAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12292141-84D2-4FF9-A876-30D5382E7F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7723EF-F236-44CD-801E-55C970AD552F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34A3430-1BEA-4EDF-9315-B15322847334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBA46AE-5D4A-4CA8-8F5B-34E8F38D21FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6362AAC2-5A15-4717-A426-29F395355EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "51F99258-65C2-4DB6-A4E1-AB07C728AA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8D06F9F7-1560-4E2E-B1C6-2A9FD3BBF81C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE7BC6F-74F4-4C04-8821-6907611D5E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFA73E2-B8C4-494F-B894-D25A024B4559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "267EDCCE-0448-4868-AA97-5BE82FE406A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2504F5-7DCA-4157-B90A-41372DA27162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF2E40C-7147-4C73-BCDE-3C741C863902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFD3BE6-92D9-423F-A4EE-4117DCE08B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC7AD7A-258D-4BF4-8E79-F9D604B7AB3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D8836B46-251D-4A64-94EF-EF87A995A047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41E05D9-5E80-42F3-B7A3-C1933EB5D873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B74EB5EB-608A-4941-B3C9-230980EF326F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EB5394-A456-40F3-9139-AA547708DB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3A26D4-5FD5-4420-A181-D7589C4642C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B352CB2F-69D3-4D84-B995-5EAD31369624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB557416-74AD-4E44-8440-1DEBD90AEC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "431A59C0-0E34-4F1D-91B4-999D32933E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "32B2C3DF-6B89-4DA7-9348-DDA33F1ECC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47C6D490-4BDD-4A77-9D76-CB31E5E2B8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDBAC4E-8904-4DD0-9833-B2295E3A5511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4898B8CF-2FD9-4339-B765-574703BA2A18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors."
},
{
"lang": "es",
"value": "IBM Marketing Operations 7.x y 8.x anterior a 8.5.0.7.2, 8.6.x anterior a 8.6.0.8, 9.0.x anterior a 9.0.0.4.1, 9.1.0.x anterior a 9.1.0.5, y 9.1.1.x anterior a 9.1.1.2 permite a usuarios remotos autenticados subir ficheros GIFAR arbitrarios, y como consecuencia modificar datos, a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-8887",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-07T18:59:02.470",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-6222
Vulnerability from fkie_nvd - Published: 2015-06-07 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E531A36F-A564-471F-BAD0-D1C5FC85DA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE23ADE-A03F-4D45-9E38-5CB6BEBEAB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7C4573-F53A-43EF-B440-58034244190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABAE3AA-4055-4F2B-B8A7-D6C3394B9E88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B71AD86-240D-4979-A77C-33696E4213DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F21BD4-DA4A-4136-BA6F-95874B8F8922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E34E9484-52FB-4B43-B4F5-8A38521C53A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "537D64AD-E149-4216-B44D-8BA332ABFD9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B341A3E2-4B41-4DEB-808A-91E9ACA72CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D67C55B1-026B-401F-ACDA-B66005CE32AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA042350-E6FA-41F3-919D-9C841758E372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "455339EF-4E46-49BE-981C-D33B95FC7178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67394F9C-E8E5-4D6D-95C3-B6EDE6B3AA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9AE915-AF90-4708-8F0C-AA1E5E665B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "080925DF-094A-4112-88FD-1D694783E0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "200D048E-AF6D-4297-BA6F-2B0DE85DC2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "785007F6-EE19-4656-9308-6E8AF0085301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0CF9F4-05B2-4421-BBDD-C1F40207046A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09BD7A-D6A5-4FF7-ADA4-938F3D5C65D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09BD533F-071B-4B7C-8F5B-00D4DDECFD40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98457298-9D1D-42C5-B881-6F44E6491B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6354E225-151F-47C4-9F09-8C8A48EBE0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B72D0B99-6EBF-4C26-BF10-386D6E85697F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D287267-07BB-4C69-8D45-BEB037A43C6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B011552F-ABB0-444A-9D29-007959F675E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC7CE4C-AB66-44F2-8C68-7EBBB5EF5D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EAB8BC-D328-433E-96A6-45D0E7DA22E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4A96506-150B-42AE-AECF-1B113711BD6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE31DEBA-4EE0-41E3-9AEA-598F16508CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "98E7EE0B-8C30-40E5-B13E-4372F544EA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAFA92D-5945-4C63-B1C7-D7E7382C91E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7F1AFD-EABC-4F3B-AB7D-9A7646A128EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBB9FB2-A887-48B1-BBA1-6433D3C4B349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "675ED36E-E604-47A0-9D25-1E226B34C60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3D201D6C-B4C1-4F70-9E2C-F9DD66C6365E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "264A3344-3C67-469D-B66B-7DF224C5CC5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "318EA510-B8F7-4D7F-885B-6587AE254331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B0464BC7-9657-45DC-BFAD-70DC752FCFAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12292141-84D2-4FF9-A876-30D5382E7F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7723EF-F236-44CD-801E-55C970AD552F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34A3430-1BEA-4EDF-9315-B15322847334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBA46AE-5D4A-4CA8-8F5B-34E8F38D21FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6362AAC2-5A15-4717-A426-29F395355EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "51F99258-65C2-4DB6-A4E1-AB07C728AA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8D06F9F7-1560-4E2E-B1C6-2A9FD3BBF81C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE7BC6F-74F4-4C04-8821-6907611D5E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFA73E2-B8C4-494F-B894-D25A024B4559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "267EDCCE-0448-4868-AA97-5BE82FE406A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2504F5-7DCA-4157-B90A-41372DA27162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF2E40C-7147-4C73-BCDE-3C741C863902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFD3BE6-92D9-423F-A4EE-4117DCE08B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC7AD7A-258D-4BF4-8E79-F9D604B7AB3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D8836B46-251D-4A64-94EF-EF87A995A047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41E05D9-5E80-42F3-B7A3-C1933EB5D873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B74EB5EB-608A-4941-B3C9-230980EF326F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EB5394-A456-40F3-9139-AA547708DB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3A26D4-5FD5-4420-A181-D7589C4642C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B352CB2F-69D3-4D84-B995-5EAD31369624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB557416-74AD-4E44-8440-1DEBD90AEC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "431A59C0-0E34-4F1D-91B4-999D32933E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "32B2C3DF-6B89-4DA7-9348-DDA33F1ECC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47C6D490-4BDD-4A77-9D76-CB31E5E2B8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDBAC4E-8904-4DD0-9833-B2295E3A5511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4898B8CF-2FD9-4339-B765-574703BA2A18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en IBM Marketing Operations 7.x y 8.x anetrior a 8.5.0.7.2, 8.6.x anterior a 8.6.0.8, 9.0.x anterior a 9.0.0.4.1, 9.1.0.x anterior a 9.1.0.5, y 9.1.1.x anterior a 9.1.1.2 permite a usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s de un .. (punto punto) en una URL."
}
],
"id": "CVE-2014-6222",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-06-07T18:59:01.297",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-6175
Vulnerability from fkie_nvd - Published: 2015-06-07 18:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E531A36F-A564-471F-BAD0-D1C5FC85DA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DAE23ADE-A03F-4D45-9E38-5CB6BEBEAB49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE7C4573-F53A-43EF-B440-58034244190D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.2.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6ABAE3AA-4055-4F2B-B8A7-D6C3394B9E88",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B71AD86-240D-4979-A77C-33696E4213DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F21BD4-DA4A-4136-BA6F-95874B8F8922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.3.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E34E9484-52FB-4B43-B4F5-8A38521C53A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "537D64AD-E149-4216-B44D-8BA332ABFD9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B341A3E2-4B41-4DEB-808A-91E9ACA72CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D67C55B1-026B-401F-ACDA-B66005CE32AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AA042350-E6FA-41F3-919D-9C841758E372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "455339EF-4E46-49BE-981C-D33B95FC7178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.4.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "67394F9C-E8E5-4D6D-95C3-B6EDE6B3AA22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9B9AE915-AF90-4708-8F0C-AA1E5E665B35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "080925DF-094A-4112-88FD-1D694783E0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "200D048E-AF6D-4297-BA6F-2B0DE85DC2AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "785007F6-EE19-4656-9308-6E8AF0085301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB0CF9F4-05B2-4421-BBDD-C1F40207046A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7D09BD7A-D6A5-4FF7-ADA4-938F3D5C65D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "09BD533F-071B-4B7C-8F5B-00D4DDECFD40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:7.5.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "98457298-9D1D-42C5-B881-6F44E6491B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6354E225-151F-47C4-9F09-8C8A48EBE0C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B72D0B99-6EBF-4C26-BF10-386D6E85697F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6D287267-07BB-4C69-8D45-BEB037A43C6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "B011552F-ABB0-444A-9D29-007959F675E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BC7CE4C-AB66-44F2-8C68-7EBBB5EF5D30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "73EAB8BC-D328-433E-96A6-45D0E7DA22E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4A96506-150B-42AE-AECF-1B113711BD6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE31DEBA-4EE0-41E3-9AEA-598F16508CF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "98E7EE0B-8C30-40E5-B13E-4372F544EA3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5BAFA92D-5945-4C63-B1C7-D7E7382C91E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7F1AFD-EABC-4F3B-AB7D-9A7646A128EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9EBB9FB2-A887-48B1-BBA1-6433D3C4B349",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.9:*:*:*:*:*:*:*",
"matchCriteriaId": "675ED36E-E604-47A0-9D25-1E226B34C60A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3D201D6C-B4C1-4F70-9E2C-F9DD66C6365E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.11:*:*:*:*:*:*:*",
"matchCriteriaId": "264A3344-3C67-469D-B66B-7DF224C5CC5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "318EA510-B8F7-4D7F-885B-6587AE254331",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.2.0.13:*:*:*:*:*:*:*",
"matchCriteriaId": "B0464BC7-9657-45DC-BFAD-70DC752FCFAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12292141-84D2-4FF9-A876-30D5382E7F30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C7723EF-F236-44CD-801E-55C970AD552F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D34A3430-1BEA-4EDF-9315-B15322847334",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBA46AE-5D4A-4CA8-8F5B-34E8F38D21FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6362AAC2-5A15-4717-A426-29F395355EC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "51F99258-65C2-4DB6-A4E1-AB07C728AA53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8D06F9F7-1560-4E2E-B1C6-2A9FD3BBF81C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.5.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "BEE7BC6F-74F4-4C04-8821-6907611D5E2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACFA73E2-B8C4-494F-B894-D25A024B4559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "267EDCCE-0448-4868-AA97-5BE82FE406A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B2504F5-7DCA-4157-B90A-41372DA27162",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BF2E40C-7147-4C73-BCDE-3C741C863902",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3DFD3BE6-92D9-423F-A4EE-4117DCE08B75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8BC7AD7A-258D-4BF4-8E79-F9D604B7AB3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:8.6.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D8836B46-251D-4A64-94EF-EF87A995A047",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E41E05D9-5E80-42F3-B7A3-C1933EB5D873",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B74EB5EB-608A-4941-B3C9-230980EF326F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2EB5394-A456-40F3-9139-AA547708DB4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9D3A26D4-5FD5-4420-A181-D7589C4642C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.0.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "B352CB2F-69D3-4D84-B995-5EAD31369624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB557416-74AD-4E44-8440-1DEBD90AEC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "431A59C0-0E34-4F1D-91B4-999D32933E6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "32B2C3DF-6B89-4DA7-9348-DDA33F1ECC82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "47C6D490-4BDD-4A77-9D76-CB31E5E2B8A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDBAC4E-8904-4DD0-9833-B2295E3A5511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:marketing_operations:9.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4898B8CF-2FD9-4339-B765-574703BA2A18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en IBM Marketing Operations 7.x y 8.x anterior a 8.5.0.7.2, 8.6.x anterior a 8.6.0.8, 9.0.x anterior a 9.0.0.4.1, 9.1.0.x anterior a 9.1.0.5, y 9.1.1.x anterior a 9.1.1.2 permite a usuarios remotos autenticados inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-6175",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-06-07T18:59:00.063",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-4125 (GCVE-0-2020-4125)
Vulnerability from cvelistv5 – Published: 2020-07-20 21:52 – Updated: 2024-08-04 07:52
VLAI?
Summary
Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.
Severity ?
No CVSS data available.
CWE
- "Sensitive data exposure"
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | "HCL Marketing Operations" |
Affected:
"9.1.2.4, 10.1.x, 11.1.0.x"
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "\"HCL Marketing Operations\"",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "\"9.1.2.4, 10.1.x, 11.1.0.x\""
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "\"Sensitive data exposure\"",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-20T21:52:17",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@hcl.com",
"ID": "CVE-2020-4125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\"HCL Marketing Operations\"",
"version": {
"version_data": [
{
"version_value": "\"9.1.2.4, 10.1.x, 11.1.0.x\""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "\"Sensitive data exposure\""
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941",
"refsource": "MISC",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2020-4125",
"datePublished": "2020-07-20T21:52:17",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1119 (GCVE-0-2017-1119)
Vulnerability from cvelistv5 – Published: 2018-11-09 00:00 – Updated: 2024-09-16 19:36
VLAI?
Summary
IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171.
Severity ?
CWE
- Obtain Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Marketing Operations |
Affected:
9.1.2
Affected: 10.1 Affected: 9.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-marketing-cve20171119-path-disc(121171)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121171"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738519"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Marketing Operations",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.1.2"
},
{
"status": "affected",
"version": "10.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
}
],
"datePublic": "2018-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 3.8,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/A:N/AC:L/AV:N/C:L/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-08T23:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-marketing-cve20171119-path-disc(121171)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121171"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738519"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-11-05T00:00:00",
"ID": "CVE-2017-1119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Marketing Operations",
"version": {
"version_data": [
{
"version_value": "9.1.2"
},
{
"version_value": "10.1"
},
{
"version_value": "9.1.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "N",
"PR": "L",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-marketing-cve20171119-path-disc(121171)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121171"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10738519",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738519"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1119",
"datePublished": "2018-11-09T00:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T19:36:48.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6112 (GCVE-0-2016-6112)
Vulnerability from cvelistv5 – Published: 2017-05-22 20:00 – Updated: 2024-08-06 01:22
VLAI?
Summary
IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.
Severity ?
No CVSS data available.
CWE
- Gain Privileges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Marketing Platform |
Affected:
8.0, 8.1, 8.2, 8.3, 8.5, 8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Marketing Platform",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0, 8.1, 8.2, 8.3, 8.5, 8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0"
}
]
}
],
"datePublic": "2017-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-22T19:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992739"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Marketing Platform",
"version": {
"version_data": [
{
"version_value": "8.0, 8.1, 8.2, 8.3, 8.5, 8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21992739",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992739"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6112",
"datePublished": "2017-05-22T20:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8887 (GCVE-0-2014-8887)
Vulnerability from cvelistv5 – Published: 2015-06-07 18:00 – Updated: 2024-08-06 13:33
VLAI?
Summary
IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:33:11.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-07T18:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-8887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-8887",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2014-11-14T00:00:00",
"dateUpdated": "2024-08-06T13:33:11.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6175 (GCVE-0-2014-6175)
Vulnerability from cvelistv5 – Published: 2015-06-07 18:00 – Updated: 2024-08-06 12:10
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:12.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-07T18:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-6175",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2014-09-02T00:00:00",
"dateUpdated": "2024-08-06T12:10:12.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6222 (GCVE-0-2014-6222)
Vulnerability from cvelistv5 – Published: 2015-06-07 18:00 – Updated: 2024-08-06 12:10
VLAI?
Summary
Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:12.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-07T18:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-6222",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2014-09-02T00:00:00",
"dateUpdated": "2024-08-06T12:10:12.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-4125 (GCVE-0-2020-4125)
Vulnerability from nvd – Published: 2020-07-20 21:52 – Updated: 2024-08-04 07:52
VLAI?
Summary
Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information.
Severity ?
No CVSS data available.
CWE
- "Sensitive data exposure"
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | "HCL Marketing Operations" |
Affected:
"9.1.2.4, 10.1.x, 11.1.0.x"
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "\"HCL Marketing Operations\"",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "\"9.1.2.4, 10.1.x, 11.1.0.x\""
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "\"Sensitive data exposure\"",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-20T21:52:17",
"orgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"shortName": "HCL"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@hcl.com",
"ID": "CVE-2020-4125",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "\"HCL Marketing Operations\"",
"version": {
"version_data": [
{
"version_value": "\"9.1.2.4, 10.1.x, 11.1.0.x\""
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Using HCL Marketing Operations 9.1.2.4, 10.1.x, 11.1.0.x, a malicious attacker could download files from the RHEL environment by doing some modification in the link, giving the attacker access to confidential information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "\"Sensitive data exposure\""
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941",
"refsource": "MISC",
"url": "https://support.hcltechsw.com/csm?id=kb_article\u0026sysparm_article=KB0080941"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1e47fe04-f25f-42fa-b674-36de2c5e3cfc",
"assignerShortName": "HCL",
"cveId": "CVE-2020-4125",
"datePublished": "2020-07-20T21:52:17",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-1119 (GCVE-0-2017-1119)
Vulnerability from nvd – Published: 2018-11-09 00:00 – Updated: 2024-09-16 19:36
VLAI?
Summary
IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171.
Severity ?
CWE
- Obtain Information
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM | Marketing Operations |
Affected:
9.1.2
Affected: 10.1 Affected: 9.1.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:17.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-marketing-cve20171119-path-disc(121171)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121171"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738519"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Marketing Operations",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "9.1.2"
},
{
"status": "affected",
"version": "10.1"
},
{
"status": "affected",
"version": "9.1.0"
}
]
}
],
"datePublic": "2018-11-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 3.8,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/A:N/AC:L/AV:N/C:L/I:N/PR:L/S:U/UI:N/E:U/RC:C/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Obtain Information",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-08T23:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-marketing-cve20171119-path-disc(121171)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121171"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738519"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2018-11-05T00:00:00",
"ID": "CVE-2017-1119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Marketing Operations",
"version": {
"version_data": [
{
"version_value": "9.1.2"
},
{
"version_value": "10.1"
},
{
"version_value": "9.1.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "N",
"AC": "L",
"AV": "N",
"C": "L",
"I": "N",
"PR": "L",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-marketing-cve20171119-path-disc(121171)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/121171"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10738519",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10738519"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2017-1119",
"datePublished": "2018-11-09T00:00:00Z",
"dateReserved": "2016-11-30T00:00:00",
"dateUpdated": "2024-09-16T19:36:48.953Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-6112 (GCVE-0-2016-6112)
Vulnerability from nvd – Published: 2017-05-22 20:00 – Updated: 2024-08-06 01:22
VLAI?
Summary
IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282.
Severity ?
No CVSS data available.
CWE
- Gain Privileges
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| IBM Corporation | Marketing Platform |
Affected:
8.0, 8.1, 8.2, 8.3, 8.5, 8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:22:20.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992739"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Marketing Platform",
"vendor": "IBM Corporation",
"versions": [
{
"status": "affected",
"version": "8.0, 8.1, 8.2, 8.3, 8.5, 8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0"
}
]
}
],
"datePublic": "2017-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-22T19:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992739"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2016-6112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Marketing Platform",
"version": {
"version_data": [
{
"version_value": "8.0, 8.1, 8.2, 8.3, 8.5, 8.6, 9.0, 9.1, 9.1.1, 9.1.2, 10.0"
}
]
}
}
]
},
"vendor_name": "IBM Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. IBM X-Force ID: 118282."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21992739",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21992739"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2016-6112",
"datePublished": "2017-05-22T20:00:00",
"dateReserved": "2016-06-29T00:00:00",
"dateUpdated": "2024-08-06T01:22:20.588Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8887 (GCVE-0-2014-8887)
Vulnerability from nvd – Published: 2015-06-07 18:00 – Updated: 2024-08-06 13:33
VLAI?
Summary
IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:33:11.945Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-07T18:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-8887",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to upload arbitrary GIFAR files, and consequently modify data, via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-8887",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2014-11-14T00:00:00",
"dateUpdated": "2024-08-06T13:33:11.945Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6175 (GCVE-0-2014-6175)
Vulnerability from nvd – Published: 2015-06-07 18:00 – Updated: 2024-08-06 12:10
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:12.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-07T18:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-6175",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2014-09-02T00:00:00",
"dateUpdated": "2024-08-06T12:10:12.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-6222 (GCVE-0-2014-6222)
Vulnerability from nvd – Published: 2015-06-07 18:00 – Updated: 2024-08-06 12:10
VLAI?
Summary
Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T12:10:12.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-06-07T18:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-6222",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in IBM Marketing Operations 7.x and 8.x before 8.5.0.7.2, 8.6.x before 8.6.0.8, 9.0.x before 9.0.0.4.1, 9.1.0.x before 9.1.0.5, and 9.1.1.x before 9.1.1.2 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21902933"
},
{
"name": "PO04455",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO04455"
},
{
"name": "PO02715",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO02715"
},
{
"name": "PO03923",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PO03923"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-6222",
"datePublished": "2015-06-07T18:00:00",
"dateReserved": "2014-09-02T00:00:00",
"dateUpdated": "2024-08-06T12:10:12.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}