56 matches found
CVE-2014-3063
IBM InfoSphere Master Data Management - Collaborative Edition (CDE) versions 10.x before 10.1-FP11 and 11.x before 11.0-FP5, and InfoSphere MDM Server for Product Information Management (PIM) 9.x before 9.1-FP15, 10.x, and 11.x before 11.3-IF2 are affected by a local privilege escalation that cou...
CVE-2014-4775
IBM InfoSphere Master Data Management – Collaborative Edition 10.x (before 10.1-FP11) and 11.x (before 11.0-FP5) plus InfoSphere Master Data Management Server for Product Information Management 9.x (before 9.1-FP15) and 10.x/11.x (before 11.3-IF2) are affected by CVE-2014-4775, which describes fa...
CVE-2014-0966
IBM InfoSphere Master Data Management - Collaborative Edition (GDS component) and the related Server for Product Information Management are affected by CVE-2014-0966. The vulnerability is an SQL injection (blind) that could allow a remote authenticated attacker to view, add, modify, or delete dat...
CVE-2014-0971: IBM InfoSphere Master Data Management - Collaborative Edition session fixation
IBM InfoSphere Master Data Management - Collaborative Edition is affected by a session fixation vulnerability: the application does not upgrade the session identifier after successful authentication, potentially allowing an attacker to impersonate an authenticated user by using the victim’s sessi...
CVE-2014-3009
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct...
CVE-2014-3009
The CVE-2014-3009 issue affects IBM InfoSphere Master Data Management - Collaborative Edition (GDS component) 10.0–11.0 and IBM InfoSphere Master Data Management Server for Product Information Management 9.0–9.1. Root cause: the GDS component does not properly handle FRAME elements, enabling phis...
CVE-2014-0968
Cross-site scripting XSS vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject...
CVE-2014-0968
CVE-2014-0968 affects IBM InfoSphere Master Data Management - Collaborative Edition (GDS) and MDM Server for Product Information Management. The root cause is improper validation of user-supplied input, enabling cross-site scripting via a crafted URL for an MHTML document. Affected products/versi...
CVE-2014-3064
CVE-2014-3064 affects IBM InfoSphere Master Data Management - Collaborative Edition (GDS component) and InfoSphere MDM Server for Product Information Management. A remote authenticated user can read arbitrary files via a crafted UNIX file parameter. Affected: Collaborative Edition v10.0/10.1/11.x...
CVE-2014-0970
IBM’s Security Bulletin confirms CVE-2014-0970 affects the GDS component of IBM InfoSphere Master Data Management - Collaborative Edition (versions 11.3, 11.0, 10.1 and 10.0) and IBM InfoSphere Master Data Management Server for Product Information Management (versions 9.1 and 9.0). The issue is a...
CVE-2014-0968
Cross-site scripting XSS vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to inject...
CVE-2013-5427
CVE-2013-5427 : IBM InfoSphere Master Data Management — Collaborative Edition (CD Edition) and related MDM Server for PIM are affected by a CSRF vulnerability. The IBM bulletin identifies the affected products/versions as: Collaborative Edition 10.x up to 11.0 (specifically 10.0, 10.1 with FP8, a...
CVE-2013-5426
Session fixation vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 IF5 and 11.0 before IF1 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1 IF11 allows remote authenticated users to hijack web sessions via...
CVE-2013-5426
CVE-2013-5426 affects IBM InfoSphere Master Data Management - Collaborative Edition (11.0, 10.1, 10.0) and IBM InfoSphere Master Data Management Server for Product Information Management (9.0, 9.1). The issue is a session-fixation vulnerability that could allow an authenticated attacker to hijack...
CVE-2013-4036
CVE-2013-4036 affects IBM InfoSphere Master Data Management products: InfoSphere Master Data Management Server for Product Information Management (PIM) versions 9.0/9.1 and Collaborative Edition (MDMCS) versions 10.0/10.1/11.0. The vulnerability is an XSS due to improper validation of user-suppli...
CVE-2013-0478
The CVE-2013-0478 entry describes an XSS vulnerability in IBM InfoSphere Master Data Management – Collaborative Edition (versions 10.0 and 10.1 before FP1) and InfoSphere Master Data Management Server for Product Information Management (versions 6.0, 9.0, 9.1). The flaw allows remote authenticate...