Access Control Bypass Vulnerability in IBM InfoSphere Master Data Management
CVE-2015-1984
Currently unrated
Summary
The vulnerability in IBM InfoSphere Master Data Management Collaborative Edition versions 9.1, 10.1, 11.0, 11.3, and 11.4 prior to FP03 allows remote authenticated users to bypass access controls. This exploitation enables attackers to read arbitrary user profiles through unspecified methods, compromising sensitive information. Such a weakness can facilitate username discovery, which could be leveraged for conducting brute-force attacks against user accounts, thus posing a significant risk to the confidentiality and integrity of user data.
References
Timeline
Vulnerability published
Vulnerability Reserved