Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to hijack the authentication of arbitrary users.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:03
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/60679 - | |
References | () http://secunia.com/advisories/60693 - | |
References | () http://secunia.com/advisories/60695 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21681649 - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/69262 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/92885 - |
Information
Published : 2014-08-17 23:55
Updated : 2024-11-21 02:03
NVD link : CVE-2014-0969
Mitre link : CVE-2014-0969
CVE.ORG link : CVE-2014-0969
JSON object : View
Products Affected
ibm
- infosphere_master_data_management_server_for_product_information_management
- infosphere_master_data_management
CWE
CWE-352
Cross-Site Request Forgery (CSRF)