Unauthorized Report Access in IBM InfoSphere Master Data Management
CVE-2017-1523

7.5HIGH

Key Information:

Vendor
IBM
Status
Infosphere Master Data Management
Vendor
CVE Published:
24 October 2017

Summary

IBM InfoSphere Master Data Management - Collaborative Edition 11.5 is susceptible to a flaw that permits unauthorized users to download sensitive reports without proper authentication. This vulnerability raises significant security concerns, as it could lead to potential data exposure and misuse. Organizations relying on this product should take immediate action to assess the risks and implement necessary safeguards to protect sensitive information.

References

http://www.securityfocus.com/bid/101566
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/129892
x_refsource_MISC
https://www.ibm.com/support/docview.wss?uid=swg22009633
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.