CSRF Vulnerability in IBM Initiate Master Data Service
CVE-2014-4783

Currently unrated

Key Information:

Vendor: IBM
Status: Initiate Master Data Service
Vendor: CVE Published:; 10 September 2014

Summary

A cross-site request forgery (CSRF) vulnerability exists in IBM Initiate Master Data Service versions prior to 9.5.093013, 9.7.093013, 10.0.093013, and 10.1.093013. This flaw allows remote attackers to exploit the authentication processes of arbitrary users, potentially leading to unauthorized requests that can insert cross-site scripting (XSS) sequences. Proper mitigation strategies are essential for organizations using these versions to protect against authentication exploitation.

References

http://www.securityfocus.com/bid/69693

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/95030

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21682450

x_refsource_CONFIRM

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Jul 9, 2014