CVE-2014-4788

Currently unrated

Key Information:

Vendor: IBM
Status: Initiate Master Data Service
Vendor: CVE Published:; 10 September 2014

Summary

IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95058

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21682450

x_refsource_CONFIRM

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Jul 9, 2014