File Disclosure Vulnerability in IBM InfoSphere Master Data Management
CVE-2014-3064

Currently unrated

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management Server For Product Information Management; Infosphere Master Data Management Collaboration Server
Vendor: CVE Published:; 19 July 2014

Summary

The GDS component in IBM InfoSphere Master Data Management versions 10.x and 11.x before FP4, along with the InfoSphere Master Data Management Server for Product Information Management versions 9.0 and 9.1, is vulnerable to a security flaw that allows remote authenticated users to read arbitrary files. This can occur when a crafted UNIX file parameter is utilized, potentially leading to unauthorized information exposure.

References

http://www.securityfocus.com/bid/69027

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/93600

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21677299

x_refsource_CONFIRM

Timeline

Vulnerability published
Jul 19, 2014
Vulnerability Reserved
Apr 29, 2014