30 matches found
CVE-2016-4505
CVE-2016-4505 affects Resource Data Management’s Intuitive 650 TDB Controller (versions 2.1 and earlier). A privileged user can change passwords for other users, enabling local or remote privilege escalation via unspecified vectors; CVSSv3 indicates base score 8.8 (HIGH) with network access, low ...
CVE-2016-4506
Cross-site request forgery CSRF vulnerability on Resource Data Management RDM Intuitive 650 TDB Controller devices before 2.1.24 allows remote authenticated users to hijack the authentication of arbitrary users...
CVE-2016-4505
Resource Data Management RDM Intuitive 650 TDB Controller devices before 2.1.24 allow remote authenticated users to modify arbitrary passwords via unspecified vectors...
Resource Data Management Intuitive 650 TDB Controller Vulnerabilities (Update A)
OVERVIEW This updated advisory is a follow-up to the original advisory titled ICSA-16-140-01 Resource Data Management Intuitive 650 TBD Controller Vulnerabilities that was published May 19, 2016, on the NCCIC/ICS-CERT web site. Independent researcher Maxim Rupp has identified a privilege escalati...
Cross site scripting
Cross-site scripting XSS vulnerability in Reference Data Management RDM in IBM InfoSphere Master Data Management 10.1, 11.0 before FP5, 11.3, 11.4, and 11.5 before FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
CVE-2015-7492
IBM InfoSphere Master Data Management’s Reference Data Management (RDM) is affected by CVE-2015-7492 via improper validation of user-supplied input, enabling cross-site scripting through a specially crafted URL when authenticated remotely. Affected versions include IBM InfoSphere MDM/RDM 10.1, 11...
Cross site scripting
Cross-site scripting XSS vulnerability in IBM InfoSphere Master Data Management Reference Data Management RDM Hub 10.1 and 11.0 before 11.0.0.0-MDM-IF008 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...
CVE-2014-0850
The IBM bulletin confirms CVE-2014-0850 affects InfoSphere Master Data Management Reference Data Management Hub versions 10.1 and 11.0, with an XSS flaw allowing remote authenticated users to inject script via a crafted URL. Root cause: unvalidated URL input in the RDM Hub surface. Impact: possib...
RDM Embedded Lock Manager 9.x - lm_tcp Service Buffer Overflow
RDM Embedded Lock Manager 9.x - lmtcp Service Buffer Overflow source: https://www.securityfocus.com/bid/45245/info RDM Embedded is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The issue affects the 'lmtcp' service. Successful...
RDM Embedded Lock Manager < 9.x - 'lm_tcp' Service Buffer Overflow
source: https://www.securityfocus.com/bid/45245/info RDM Embedded is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. The issue affects the 'lmtcp' service. Successful exploits may allow an attacker to execute arbitrary code in t...