IBMCA263C6FDED3997E70F8B3078D6E04679BCE30A00ADBF13D7BE04FC0D8766E0DSecurity Bulletin: IBM InfoSphere Master Data Management Reference Data Management Hub is affected by a user password being stored in plain text vulnerability (CVE-2017-1309)
0.0004 Low
EPSS
Percentile
5.1%
Summary
IBM InfoSphere Master Data Management Reference Data Management Hub has addressed the following vulnerability. IBM InfoSphere Master Data Management Reference Data Management Hub stores user credentials in plain text which can be read by a local user.
Vulnerability Details
CVEID:CVE-2017-1309**
DESCRIPTION: *IBM InfoSphere Master Data Management Reference Data Management Hub stores user credentials in plain in clear text which can be read by a local user.
CVSS Base Score: 4.4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/125463 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)
Affected Products and Versions
Affected IBM InfoSphere Master Data Management Server
|
Affected Versions
—|—
IBM InfoSphere MDM Reference Data Management Hub| 11.0
IBM InfoSphere MDM Reference Data Management Hub| 11.3
IBM InfoSphere MDM Reference Data Management Hub| 11.4
IBM InfoSphere MDM Reference Data Management Hub| 11.5
IBM InfoSphere MDM Reference Data Management Hub| 11.6
Remediation/Fixes
Product
|
VRMF
|
APAR
|
Remediation / First Fix
—|—|—|—
IBM InfoSphere MDM Reference Data Management Hub| 11.0| None| 11.0.0.5-MDM-RDM-FP05IF001
IBM InfoSphere MDM Reference Data Management Hub| 11.3| None| 11.3.0.6-MDM-RDM-FP06IF000
IBM InfoSphere MDM Reference Data Management Hub| 11.4| None| 11.4.0.7-MDM-RDM-FP07IF001
IBM InfoSphere MDM Reference Data Management Hub| 11.5| None| 11.5.0.5-MDM-RDM-FP05IF000
IBM InfoSphere MDM Reference Data Management Hub| 11.6| None| 11.6.0.2-MDM-RDM-FP02IF001
Workarounds and Mitigations
None
Affected configurations
Related
0.0004 Low
EPSS
Percentile
5.1%