Phishing Vulnerability in IBM InfoSphere Master Data Management
CVE-2014-3009

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Server For Product Information Management
Vendor: CVE Published:; 1 August 2014

Summary

The GDS component in IBM InfoSphere Master Data Management does not properly process FRAME elements. This oversight allows remote authenticated users to exploit the vulnerability and conduct phishing attacks through specially crafted websites, posing a significant risk to organizations using affected versions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/92952

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21677306

x_refsource_CONFIRM

Timeline

Vulnerability published
Aug 1, 2014
Vulnerability Reserved
Apr 29, 2014