Authentication Vulnerability in IBM Initiate Master Data Service Products
CVE-2014-4788

Currently unrated

Key Information:

Vendor: IBM
Status: Initiate Master Data Service
Vendor: CVE Published:; 10 September 2014

Summary

The authentication fields in certain versions of IBM Initiate Master Data Service lack the off autocomplete attribute, which can expose sensitive login data. This flaw can be exploited by remote attackers to gain unauthorized access via unattended workstations, posing a significant risk to organizations' data security.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95058

vdb-entryx_refsource_XF

http://www-01.ibm.com/support/docview.wss?uid=swg21682450

x_refsource_CONFIRM

Timeline

Vulnerability published
Sep 10, 2014
Vulnerability Reserved
Jul 9, 2014