Cross-Site Request Forgery Vulnerability in IBM Initiate Master Data Service
CVE-2014-4785

Currently unrated

Key Information:

Vendor: IBM
Status: Initiate Master Data Service
Vendor: CVE Published:; 10 September 2014

Summary

An identified CSRF vulnerability affects various versions of IBM Initiate Master Data Service. This flaw enables remote authenticated users to spoof requests, potentially allowing them to hijack the authentication of other users and insert harmful XSS sequences. This manipulation poses significant security risks, compromising data integrity and user trust.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95032

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21682450

x_refsource_CONFIRM

http://secunia.com/advisories/60996

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Jul 9, 2014