CVE-2015-4958

CWE-200 — Information Exposure4 documents4 sources

Severity

3.3LOW

EPSS

0.0%

top 86.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Infosphere Master Data Management

Timeline

PublishedJan 17

Latest updateMay 17

Description

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive information by reading cache files.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages1 packages

▶NVDibm/infosphere_master_data_management5 versions+4

🔴Vulnerability Details

GHSA

GHSA-c998-v77q-rqgg: IBM InfoSphere Master Data Management - Collaborative Edition 9↗2022-05-17

▶

CVEList

CVE-2015-4958: IBM InfoSphere Master Data Management - Collaborative Edition 9↗2016-01-17

▶

💬Community

Bugzilla

CVE-2015-2181 CVE-2015-8864 CVE-2016-4068 CVE-2016-4069 roundcubemail: security issues fixed in version 1.0.9↗2016-04-25

▶