Cross-Site Request Forgery in IBM InfoSphere Master Data Management Products
CVE-2013-5427

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Server For Product Information Management; Infosphere Master Data Management Collaboration Server
Vendor: CVE Published:; 4 February 2014

Summary

A Cross-Site Request Forgery vulnerability exists in IBM InfoSphere Master Data Management - Collaborative Edition and Server for Product Information Management. This flaw enables remote attackers to execute unauthorized actions by hijacking the authentication of users, potentially leading to significant security risks. Proper mitigation strategies should be implemented to safeguard user sessions against such exploitations.

References

http://www.ibm.com/support/docview.wss?uid=swg21663181

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/87536

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 4, 2014
Vulnerability Reserved
Aug 22, 2013