Skip to main content

Infosphere Master Data Management Server

12 CVEs product

Monthly

CVE-2017-1199 MEDIUM PATCH This Month

IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Master Data Management Server
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-9719 MEDIUM PATCH This Month

IBM InfoSphere Master Data Management Server 10.1. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Infosphere Master Data Management Server
NVD
CVSS 3.0
5.7
EPSS
0.2%
CVE-2016-9718 MEDIUM PATCH This Month

IBM InfoSphere Master Data Management Server 10.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Master Data Management Server
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-9717 MEDIUM PATCH This Month

HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Infosphere Master Data Management Server
NVD
CVSS 3.0
6.5
EPSS
0.2%
CVE-2016-9716 HIGH PATCH This Week

IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Infosphere Master Data Management Server
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-9715 MEDIUM PATCH This Month

IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Master Data Management Server
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-9714 HIGH PATCH This Week

IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Infosphere Master Data Management Server
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-1309 HIGH PATCH This Week

IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

IBM Information Disclosure Infosphere Master Data Management Server
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2015-1945 MEDIUM PATCH This Month

Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Infosphere Master Data Management Server
NVD
CVSS 2.0
6.5
EPSS
0.3%
CVE-2015-1910 LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, and 11.3 allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Infosphere Master Data Management Server
NVD
CVSS 2.0
3.5
EPSS
0.2%
CVE-2015-1909 MEDIUM PATCH This Month

The XML parser in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, 11.3, and 11.4 before FP2 allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM XXE Information Disclosure Infosphere Master Data Management Server
NVD
CVSS 2.0
5.0
EPSS
0.3%
CVE-2014-0873 MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Data Stewardship, (2) Business Admin, and (3) Product interfaces in IBM InfoSphere Master Data Management (MDM) Server 8.5 before. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

IBM CSRF Infosphere Master Data Management Server
NVD VulDB
CVSS 2.0
6.8
EPSS
0.1%
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

IBM InfoSphere Master Data Management Server 10.1. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM InfoSphere Master Data Management Server 10.1. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF IBM Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

IBM Information Disclosure Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 3.5
LOW PATCH Monitor

Cross-site scripting (XSS) vulnerability in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, and 11.3 allows. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.

IBM XSS Infosphere Master Data Management Server
NVD
EPSS 0% CVSS 5.0
MEDIUM PATCH This Month

The XML parser in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, 11.3, and 11.4 before FP2 allows remote. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM XXE Information Disclosure +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Data Stewardship, (2) Business Admin, and (3) Product interfaces in IBM InfoSphere Master Data Management (MDM) Server 8.5 before. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

IBM CSRF Infosphere Master Data Management Server
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy