IBME2B0E79A4DC49940F708E747BF950E742ADBDD825E2E014416A5E5786A19F4E8Security Bulletin: IBM InfoSphere Reference Data Management affected by Privilege Escalation vulnerability(CVE-2015-1945)
0.002 Low
EPSS
Percentile
60.4%
Summary
IBM InfoSphere Reference Data Management is vulnerable to Privilege Escalation attack caused by improper authorization check.
Vulnerability Details
CVEID: CVE-2015-1945 DESCRIPTION: IBM InfoSphere Master Data Management Server could allow an authenticated attacker to gain escalated privileges through an undisclosed vulnerability.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/103162> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)
Affected Products and Versions
IBM InfoSphere InfoSphere Reference Data Management Versions 11.4, 11.3, 11.0, 10.1
Remediation/Fixes
The recommended solution is to apply the fix as soon as practical. Please see below for information on the fixes available.
| Product | VRMF | APAR | Remediation/First Fix |
|---|---|---|---|
| IBM InfoSphere Reference Data Management |
11.4
| None| 11.4-FP03
IBM InfoSphere Reference Data Management|
11.3
| None| 11.3-FP03
IBM InfoSphere Reference Data Management|
11.0
| None| 11.0-FP04
IBM InfoSphere Reference Data Management|
10.1
| None| 10.1.0.3
Workarounds and Mitigations
None known
Related
0.002 Low
EPSS
Percentile
60.4%