Lucene search

K
cve[email protected]CVE-2014-4775
HistoryAug 17, 2014 - 11:55 p.m.

CVE-2014-4775

2014-08-1723:55:07
CWE-255
web.nvd.nist.gov
17
ibm
infosphere
master data management
collaborative edition
server
credential protection
remote attack
vulnerability

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

69.0%

IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 do not properly protect credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected configurations

NVD
Node
ibminfosphere_master_data_managementMatch10.0collaborative
OR
ibminfosphere_master_data_managementMatch10.1collaborative
OR
ibminfosphere_master_data_managementMatch11.0collaborative
OR
ibminfosphere_master_data_managementMatch11.3collaborative
OR
ibminfosphere_master_data_management_server_for_product_information_managementMatch9.0
OR
ibminfosphere_master_data_management_server_for_product_information_managementMatch9.1
VendorProductVersionCPE
ibminfosphere_master_data_management11.3cpe:/a:ibm:infosphere_master_data_management:11.3::collaborative:
ibminfosphere_master_data_management10.1cpe:/a:ibm:infosphere_master_data_management:10.1::collaborative:
ibminfosphere_master_data_management10.0cpe:/a:ibm:infosphere_master_data_management:10.0::collaborative:
ibminfosphere_master_data_management_server_for_product_information_management9.1cpe:/a:ibm:infosphere_master_data_management_server_for_product_information_management:9.1:::
ibminfosphere_master_data_management11.0cpe:/a:ibm:infosphere_master_data_management:11.0::collaborative:
ibminfosphere_master_data_management_server_for_product_information_management9.0cpe:/a:ibm:infosphere_master_data_management_server_for_product_information_management:9.0:::

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

6.2

Confidence

Low

EPSS

0.003

Percentile

69.0%

Related for CVE-2014-4775