SQL Injection Vulnerability in IBM InfoSphere Master Data Management
CVE-2014-0966

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Server For Product Information Management; Infosphere Master Data Management
Vendor: CVE Published:; 17 August 2014

Summary

This SQL injection vulnerability affects certain versions of IBM InfoSphere Master Data Management components, allowing authenticated remote users to execute arbitrary SQL commands through unspecified methods. This can result in unauthorized data manipulation or exposure, posing a risk to the integrity and confidentiality of the information managed by these products.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21681651

x_refsource_CONFIRM

http://secunia.com/advisories/60693

third-party-advisoryx_refsource_SECUNIA

http://secunia.com/advisories/60679

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Aug 17, 2014
Vulnerability Reserved
Jan 6, 2014