Skip to main content

Infosphere Master Data Management Server CVE-2015-1945

MEDIUM
2015-06-02 psirt@us.ibm.com
6.5
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:S/C:P/I:P/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P

Lifecycle Timeline

1
CVE Published
Jun 02, 2015 - 14:59 cve.org
MEDIUM 6.5

DescriptionCVE.org

Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain privileges via unknown vectors.

AnalysisAI

Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain privileges via unknown vectors. Affected products include: Ibm Infosphere Master Data Management Server.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2016-9716 HIGH
8.8 Jul 31

IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forger

CVE-2016-9714 HIGH
8.8 Jul 31

IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request

CVE-2017-1309 HIGH
7.8 Jul 19

IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be rea

CVE-2014-0873 MEDIUM
6.8 Mar 16

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Data Stewardship, (2) Business Admin, and (3) Prod

CVE-2016-9717 MEDIUM
6.5 Jul 31

HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. Rated medium severity (CV

CVE-2016-9719 MEDIUM
5.7 Jul 31

IBM InfoSphere Master Data Management Server 10.1. Rated medium severity (CVSS 5.7), this vulnerability is remotely expl

CVE-2017-1199 MEDIUM
5.4 Aug 03

IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scriptin

CVE-2016-9718 MEDIUM
5.4 Jul 31

IBM InfoSphere Master Data Management Server 10.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely expl

CVE-2016-9715 MEDIUM
5.4 Jul 31

IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. Rat

CVE-2015-1909 MEDIUM
5.0 May 25

The XML parser in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 1

CVE-2015-1910 LOW
3.5 May 25

Cross-site scripting (XSS) vulnerability in the Reference Data Management component in the server in IBM InfoSphere Mast

Share

CVE-2015-1945 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy