CVE-2013-5426

Session fixation vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 IF5 and 11.0 before IF1 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 IF11 allows remote authenticated users to hijack web sessions via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:infosphere_master_data_management_collaboration_server:10.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_collaboration_server:10.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_collaboration_server:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:9.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:9.1:*:*:*:*:*:*:*

History

21 Nov 2024, 01:57

Type Values Removed Values Added
References () http://www-01.ibm.com/support/docview.wss?uid=swg21660082 - Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg21660082 - Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/87535 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/87535 -

Information

Published : 2013-12-19 22:55

Updated : 2024-11-21 01:57


NVD link : CVE-2013-5426

Mitre link : CVE-2013-5426

CVE.ORG link : CVE-2013-5426


JSON object : View

Products Affected

ibm

  • infosphere_master_data_management_server_for_product_information_management
  • infosphere_master_data_management_collaboration_server
CWE
CWE-287

Improper Authentication