CVE-2016-9717

6.5MEDIUM

Key Information:

Vendor: IBM
Status: Infosphere Master Data Management
Vendor: CVE Published:; 31 July 2017

Summary

HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 product. It enables attackers by exposing the presence of duplicated parameters which may produce an anomalous behavior in the application that can be potentially exploited.

Affected Version(s)

InfoSphere Master Data Management 10.1

InfoSphere Master Data Management 11.0

InfoSphere Master Data Management 11.3

References

http://www.securityfocus.com/bid/100074

vdb-entryx_refsource_BID

http://www.ibm.com/support/docview.wss?uid=swg22006605

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/119730

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 31, 2017
Vulnerability Reserved
Dec 1, 2016

.