Cross-Site Request Forgery Vulnerability in IBM InfoSphere Master Data Management Server
CVE-2020-4675

6.5MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
16 July 2021

Summary

IBM InfoSphere Master Data Management Server version 11.6 is susceptible to Cross-Site Request Forgery (CSRF) attacks. This vulnerability could potentially allow attackers to carry out unauthorized actions on behalf of trusted users, exploiting the trust a web application has in the user's browser. As a result, an attacker could manipulate user-specific actions, compromising the integrity of user data and operations within the system. It is crucial for users to implement necessary security measures to mitigate this risk.

Affected Version(s)

InfoSphere Master Data Management 11.6

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.