CSRF Vulnerability in IBM InfoSphere Master Data Management Products
CVE-2014-0969

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Server For Product Information Management; Infosphere Master Data Management
Vendor: CVE Published:; 17 August 2014

Summary

A Cross-Site Request Forgery (CSRF) vulnerability exists in the GDS component of IBM InfoSphere Master Data Management - Collaborative Edition and Master Data Management Server for Product Information Management. This flaw enables remote authenticated users to bypass security measures, potentially hijacking the authentication of other users. It affects multiple versions, making numerous clients susceptible to unauthorized actions if not mitigated effectively.

References

http://secunia.com/advisories/60693

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/69262

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/92885

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Aug 17, 2014
Vulnerability Reserved
Jan 6, 2014