IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to bypass intended access restrictions and read arbitrary profiles via unspecified vectors, as demonstrated by discovering usernames for use in brute-force attacks.
References
Link | Resource |
---|---|
http://www-01.ibm.com/support/docview.wss?uid=swg21960244 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/75474 | |
http://www-01.ibm.com/support/docview.wss?uid=swg21960244 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/75474 |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:26
Type | Values Removed | Values Added |
---|---|---|
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21960244 - Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/75474 - |
Information
Published : 2015-07-20 01:59
Updated : 2024-11-21 02:26
NVD link : CVE-2015-1984
Mitre link : CVE-2015-1984
CVE.ORG link : CVE-2015-1984
JSON object : View
Products Affected
ibm
- infosphere_master_data_management