Filtered by vendor Ibm
Subscribe
Filtered by product Infosphere Master Data Management Server
Subscribe
Total
13 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-4675 | 4 Ibm, Linux, Microsoft and 1 more | 6 Aix, Infosphere Master Data Management Server, Linux On Ibm Z and 3 more | 2024-02-28 | 4.3 MEDIUM | 6.5 MEDIUM |
IBM InfoSphere Master Data Management Server 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186324. | |||||
CVE-2016-9719 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 3.5 LOW | 5.7 MEDIUM |
IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 119733. | |||||
CVE-2016-9715 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119728. | |||||
CVE-2017-1309 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 2.1 LOW | 7.8 HIGH |
IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 125463. | |||||
CVE-2016-9718 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM InfoSphere Master Data Management Server 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 119732. | |||||
CVE-2016-9717 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 product. It enables attackers by exposing the presence of duplicated parameters which may produce an anomalous behavior in the application that can be potentially exploited. | |||||
CVE-2017-1199 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 3.5 LOW | 5.4 MEDIUM |
IBM InfoSphere Master Data Management Server 10.0, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 123674. | |||||
CVE-2016-9714 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
IBM InfoSphere Master Data Management Server 10.1, 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119727. | |||||
CVE-2016-9716 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 6.8 MEDIUM | 8.8 HIGH |
IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 119729. | |||||
CVE-2015-1945 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 6.5 MEDIUM | N/A |
Unspecified vulnerability in the Reference Data Management component in IBM InfoSphere Master Data Management 10.1, 11.0, 11.3 before FP3, and 11.4 allows remote authenticated users to gain privileges via unknown vectors. | |||||
CVE-2015-1909 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The XML parser in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, 11.3, and 11.4 before FP2 allows remote attackers to read arbitrary files, and consequently obtain administrative access, via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
CVE-2015-1910 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 3.5 LOW | N/A |
Cross-site scripting (XSS) vulnerability in the Reference Data Management component in the server in IBM InfoSphere Master Data Management (MDM) 10.1 before IF1, 11.0 before FP3, and 11.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | |||||
CVE-2014-0873 | 1 Ibm | 1 Infosphere Master Data Management Server | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Data Stewardship, (2) Business Admin, and (3) Product interfaces in IBM InfoSphere Master Data Management (MDM) Server 8.5 before 8.5.0.82, 9.0.1 before 9.0.1.38, 9.0.2 before 9.0.2.35, 10.0 before 10.0.0.0.26, and 10.1 before 10.1.0.0.15 allow remote attackers to hijack the authentication of arbitrary users. |