3 matches found
Security Bulletin: Session Identifier Not Updated vulnerability in GDS component of IBM InfoSphere Master Data Management - Collaborative Edition (CVE-2014-3009)
Summary IBM InfoSphere Master Data Management - Collaborative Edition does not update the session identifier after a successful authentication. An attacker could exploit this vulnerability to gain unauthorized access to the application by acting as the session created by a regular user...
Security Bulletin: Phishing through frames vulnerability in the GDS component of IBM® InfoSphere® Master Data Management - Collaborative Edition (CVE-2014-3009)
Summary IBM® InfoSphere® Master Data Management - Collaborative Edition is vulnerable to phishing through frames vulnerability. Vulnerability Details CVE ID: CVE-2014-3009 Description: IBM® InfoSphere® Master Data Management - Collaborative Edition is vulnerable to phishing through frames. An...
CVE-2014-3009
The CVE-2014-3009 issue affects IBM InfoSphere Master Data Management - Collaborative Edition (GDS component) 10.0–11.0 and IBM InfoSphere Master Data Management Server for Product Information Management 9.0–9.1. Root cause: the GDS component does not properly handle FRAME elements, enabling phis...