CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0205
https://notcve.org/view.php?id=CVE-2012-0205
31 Jan 2013 — InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 does not properly restrict use of the troubleshooting feature, which allows remote authenticated users to bypass intended access restrictions or cause a denial of service (workbench outage) via unspecified vectors. InfoSphere Metadata Workbench (MWB) v8.1 hasta v8.7 en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y v8.7 no restringe correctamente el uso de la funcionlidad de ... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.1EPSS: 0%CPEs: 10EXPL: 0CVE-2012-0203
https://notcve.org/view.php?id=CVE-2012-0203
31 Jan 2013 — Cross-site scripting (XSS) vulnerability in InfoSphere Metadata Workbench (MWB) 8.1 through 8.7 in IBM InfoSphere Information Server 8.1, 8.5 before FP3, and 8.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidades de ejecución de secuencias de comandos en sitios cruzados (XSS) en InfoSphere Metadata Workbench (MWB) v8.1 through v8.7 en IBM InfoSphere Information Server v8.1, v8.5 anterior a FP3, y v8.7, permite a atacantes remotos inyectar secuencias de c... • http://www-01.ibm.com/support/docview.wss?uid=swg21623501 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •