IBMB3A0398BF6F2EA8BD8018997F0C928EC0435F1C8715DE019FE31C539990A6753Security Bulletin: Unix File Parameter Alteration vulnerability in GDS component of IBM® InfoSphere® Master Data Management - Collaborative Edition (CVE-2014-3064).
EPSS
Percentile
46.3%
Summary
IBM® InfoSphere® Master Data Management - Collaborative Edition is vulnerable to a Unix file parameter alteration vulnerability. This vulnerability might allow unauthorized access to data; specifically, an authorized person might be able to copy files from the InfoSphere MDM - Collaborative Edition system.
Vulnerability Details
CVE ID:CVE-2014-3064
CVSS:
CVSS Base Score: 6.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/93600> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:C/I:N/A:N)
Affected Products and Versions
IBM InfoSphere Master Data Management - Collaborative Edition Versions 11.3, 11.0, 10.1 and 10.0 – GDS component only.
IBM InfoSphere Master Data Management Server for Product Information Management Versions 9.1 and 9.0 – GDS component only.
Remediation/Fixes
If you are using the GDS component, the recommended solution is to apply the fix as soon as practical. Please see below for information on the fixes available.
| Product | VRMF | APAR | Remediation/First Fix |
|---|---|---|---|
| IBM InfoSphere Master Data Management - Collaborative Edition | 11.3 | None | 11.3-IF002 |
| IBM InfoSphere Master Data Management - Collaborative Edition | 11.0 | None | 11.0-FP4 |
| IBM InfoSphere Master Data Management - Collaborative Edition | 10.1/10.0 | None | Contact IBM Customer Support |
| IBM InfoSphere Master Data Management Server for Product Information Management | 9.1/9.0 | None | Contact IBM Customer Support |
Workarounds and Mitigations
None known
Related
EPSS
Percentile
46.3%