Unrated severityNVD Advisory· Published Dec 8, 2012· Updated Jun 16, 2026
CVE-2012-3297
CVE-2012-3297
Description
Cross-site scripting (XSS) vulnerability in the embedded HTTP server in the Service Console in IBM Tivoli Monitoring 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001 allows remote attackers to inject arbitrary web script or HTML via a crafted URI.
Affected products
3cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*
- (no CPE)range: 6.2.2 before 6.2.2-TIV-ITM-FP0009 and 6.3.2 before 6.2.3-TIV-ITM-FP0001
Patches
Vulnerability mechanics
References
3- www.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www.securitytracker.com/idnvd
- exchange.xforce.ibmcloud.com/vulnerabilities/77291nvd
News mentions
0No linked articles in our index yet.