CVE-2024-43184

Опубликовано: 04 сент. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.

Ссылки

https://www.ibm.com/support/pages/node/7244013
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:jazz_foundation:7.0.2:-:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix001:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix002:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix003:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix004:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix005:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix006:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix007:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix008a:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix009:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix010:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix011:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix012:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix013:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix014:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix016:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix017:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix018:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix020a:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix021:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix022:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix023:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix024:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix025:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix026a:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix027:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix028:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix029:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix030:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix031:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix032:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.2:ifix033:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:-:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix001:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix002:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix003:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix004:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix005:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix006:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix007:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix008:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix009:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix010:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix011:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.0.3:ifix012:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.1.0:-:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix001:*:*:*:*:*:*

cpe:2.3:a:ibm:jazz_foundation:7.1.0:ifix002:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00057

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-vrqp-w2p3-rfqh