Ibm Infosphere Master Data Management vulnerabilities
26 known vulnerabilities affecting ibm/infosphere_master_data_management.
Total CVEs
26
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH5MEDIUM17LOW4
Vulnerabilities
Page 2 of 2
CVE-2015-1968LOWCVSS 3.5v9.1v10.1+3 more2015-07-20
CVE-2015-1968 [LOW] CWE-79 CVE-2015-1968: Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Collaborative Edit
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
nvd
CVE-2014-3063HIGHCVSS 7.5v10.0v10.1+2 more2014-08-17
CVE-2014-3063 [HIGH] CWE-264 CVE-2014-3063: IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before
IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 allow local users to obtain administrator privileges via unspecified vectors.
nvd
CVE-2014-0966MEDIUMCVSS 6.5v10.0v10.1+2 more2014-08-17
CVE-2014-0966 [MEDIUM] CWE-89 CVE-2014-0966: SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collabor
SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
nvd
CVE-2014-4775MEDIUMCVSS 5.0v10.0v10.1+2 more2014-08-17
CVE-2014-4775 [MEDIUM] CWE-255 CVE-2014-4775: IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before
IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 do not properly protect credentials, which allows remote attackers to obtain sensitive information via unspecif
nvd
CVE-2014-0969MEDIUMCVSS 6.8v10.0v10.1+2 more2014-08-17
CVE-2014-0969 [MEDIUM] CWE-352 CVE-2014-0969: Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data M
Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to hijack the authentication of arbitrary
nvd
CVE-2014-3009LOWCVSS 3.5v10.0v10.1+1 more2014-08-01
CVE-2014-3009 [LOW] CWE-20 CVE-2014-3009: The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct phishing attacks via a crafted web site.
nvd
← Previous2 / 2