{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-08-12T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "advancedmm-cve20134007-xss(85274)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85274"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093491"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2013-4007", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "advancedmm-cve20134007-xss(85274)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85274"}, {"name": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093491", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093491"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2013-4007", "datePublished": "2013-08-16T01:00:00", "dateReserved": "2013-06-07T00:00:00", "dateUpdated": "2017-08-28T12:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:advanced_management_module:*:l:*:*:*:*:*:*", "matchCriteriaId": "AC52F58A-CC17-48B4-ABB1-7470AE5FFBDE", "versionEndIncluding": "2.48", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:*:g:*:*:*:*:*:*", "matchCriteriaId": "65D8F61D-3A9B-4851-A59E-B7594DFDE9A8", "versionEndIncluding": "3.54", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.00:*:*:*:*:*:*:*", "matchCriteriaId": "478D3D8F-338F-494A-A3FF-5B1007DD90CF", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.01:*:*:*:*:*:*:*", "matchCriteriaId": "DF211E79-BC73-4D6A-8153-19AEE82345D4", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.20:*:*:*:*:*:*:*", "matchCriteriaId": "231325FC-D582-41B6-8CF4-07FEE414D19B", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.20:f:*:*:*:*:*:*", "matchCriteriaId": "F2F265EA-4CDD-4B6F-9212-74D395F6034A", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.25:*:*:*:*:*:*:*", "matchCriteriaId": "7A01662B-8A72-4011-AA27-5A12C6B56FDA", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.25:e:*:*:*:*:*:*", "matchCriteriaId": "9DFF42E1-162B-46EA-BDB6-E3452201550A", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.25:i:*:*:*:*:*:*", "matchCriteriaId": "BBFF96E9-59AB-40D8-A531-7FB36A4B1E84", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:b:*:*:*:*:*:*", "matchCriteriaId": "EACAF1A3-EADC-4E15-AE0C-76F6E1FE5219", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:e:*:*:*:*:*:*", "matchCriteriaId": "0E5AA726-67C7-43EF-AB4C-DC9EC2AB39A5", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:h:*:*:*:*:*:*", "matchCriteriaId": "0B967754-11D2-4903-AB8E-6608FD0FD836", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:i:*:*:*:*:*:*", "matchCriteriaId": "1F293BB5-4169-49EC-8DF4-3F0575F7F4D3", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.26:k:*:*:*:*:*:*", "matchCriteriaId": "178B4552-5FE7-439F-86C4-5123F23F4117", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.28:g:*:*:*:*:*:*", "matchCriteriaId": "F58BC7F2-438E-4681-9741-7A8DC581DE3B", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.32:d:*:*:*:*:*:*", "matchCriteriaId": "86CF34AF-A48D-4CE0-9144-5209A16C9C86", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.34:b:*:*:*:*:*:*", "matchCriteriaId": "A555F94B-2D23-4ED6-947C-CBEC1A2768C1", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.34:e:*:*:*:*:*:*", "matchCriteriaId": "AEC68099-D84F-4516-8D6A-3580F49DF4B0", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.36:d:*:*:*:*:*:*", "matchCriteriaId": "304A13AA-E04B-43B6-84DD-3235170F5C55", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.36:g:*:*:*:*:*:*", "matchCriteriaId": "F26C2C6D-D2E1-42D6-A700-53AD1D3A3876", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.36:h:*:*:*:*:*:*", "matchCriteriaId": "5F61FF30-2B40-44A3-8257-69E92EC0DE23", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.36:k:*:*:*:*:*:*", "matchCriteriaId": "EF1B6195-649E-4577-99F3-B04C0B762FF4", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:d:*:*:*:*:*:*", "matchCriteriaId": "377C2D86-620B-4BC8-A118-9B52EBC609D5", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:f:*:*:*:*:*:*", "matchCriteriaId": "E9BB015A-30D6-4942-BAC6-DD96E151B8CA", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:i:*:*:*:*:*:*", "matchCriteriaId": "7B916267-C840-48C5-B3DC-73BCDA9C91C8", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:n:*:*:*:*:*:*", "matchCriteriaId": "6D979D22-C158-41DE-8AFA-EF3C040B1F58", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:o:*:*:*:*:*:*", "matchCriteriaId": "66B0F30E-1E3F-4BD4-BE24-0A26C4CA56E1", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:1.42:t:*:*:*:*:*:*", "matchCriteriaId": "2C927655-9D61-4921-AA51-27E7D6A2007C", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.46:c:*:*:*:*:*:*", "matchCriteriaId": "1ED4EBB8-760C-4DA6-8404-3BB104D08656", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.46:j:*:*:*:*:*:*", "matchCriteriaId": "C65476D1-5104-4DE1-B0DF-FBD811F74ACB", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.48:c:*:*:*:*:*:*", "matchCriteriaId": "A2F8CD93-5278-43F6-87E0-0FED8ACD330A", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.48:d:*:*:*:*:*:*", "matchCriteriaId": "6460DE58-67FA-44AE-B20F-A60BAC07F516", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.48:g:*:*:*:*:*:*", "matchCriteriaId": "54EAE737-288C-4F0E-A510-44C8B4B94E70", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.48:n:*:*:*:*:*:*", "matchCriteriaId": "D29A5D9C-E5F7-4228-A63F-82F2A55E242E", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.50:c:*:*:*:*:*:*", "matchCriteriaId": "EA87A054-0FF2-407C-95C7-21CC7C98801C", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.50:g:*:*:*:*:*:*", "matchCriteriaId": "8BDD8DB8-3B3B-4A10-BEF5-703D6DB7E874", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.50:k:*:*:*:*:*:*", "matchCriteriaId": "0D10BE3E-7AB3-4F75-BB38-BB9EB5D27BC7", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:2.50:p:*:*:*:*:*:*", "matchCriteriaId": "2274C274-E094-4F01-9D81-B5FC1FAD3F8D", "vulnerable": true}, {"criteria": "cpe:2.3:h:ibm:advanced_management_module:3.54:d:*:*:*:*:*:*", "matchCriteriaId": "542C8BC6-078E-4B06-8092-31F8BE90E382", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ibm:bladecenter:hs22:*:*:*:*:*:*:*", "matchCriteriaId": "1052332C-2892-4E69-8180-305039D6AF20", "vulnerable": false}, {"criteria": "cpe:2.3:h:ibm:bladecenter:hs22v:*:*:*:*:*:*:*", "matchCriteriaId": "1245D63B-4A91-4934-8DD8-49B4A10F33A0", "vulnerable": false}, {"criteria": "cpe:2.3:h:ibm:bladecenter:hs23:*:*:*:*:*:*:*", "matchCriteriaId": "A633BBA0-4330-41DE-AAAE-D568D9E7442D", "vulnerable": false}, {"criteria": "cpe:2.3:h:ibm:bladecenter:hs23e:*:*:*:*:*:*:*", "matchCriteriaId": "8644F48F-5032-48CB-B921-0CCC8E233347", "vulnerable": false}, {"criteria": "cpe:2.3:h:ibm:bladecenter:hx5:*:*:*:*:*:*:*", "matchCriteriaId": "929B68CB-91CD-40EB-87A0-BD66E25922E7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in adv_sw.php in the Advanced Management Module (AMM) with firmware BBET before BBET64G and BPET before BPET64G for IBM BladeCenter systems allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}, {"lang": "es", "value": "Vulnerabilidad Cross-site scripting (XSS) en adv_sw.php en Advanced Management Module (AMM) con firmware BBET anterior a BBET64G y BPET anterior a BPET64G para sistemas IBM BladeCenter, permite a atacantes remotos inyectar web scripts arbitrarios o HTML mediante vectores desconocidos."}], "id": "CVE-2013-4007", "lastModified": "2017-08-29T01:33:32.217", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-08-16T01:55:16.113", "references": [{"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "http://www.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5093491"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85274"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}