Remote Code Execution Vulnerability in IBM InfoSphere Master Data Management Server
CVE-2016-9719

5.7MEDIUM

Key Information:

Vendor
IBM
Status
Infosphere Master Data Management
Vendor
CVE Published:
31 July 2017

Summary

A vulnerability in IBM InfoSphere Master Data Management Server versions 10.1 to 11.6 allows remote attackers to hijack users' click actions via a malicious website. This exploit could enable attackers to initiate further attacks, compromising the security of affected systems. Users are advised to be cautious and to apply relevant patches to mitigate these risks.

Affected Version(s)

InfoSphere Master Data Management 10.1

InfoSphere Master Data Management 11.0

InfoSphere Master Data Management 11.3

References

http://www.ibm.com/support/docview.wss?uid=swg22006607
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/119733
x_refsource_MISC
http://www.securityfocus.com/bid/100060
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.