PT-2014-6118 · Ibm · Ibm Initiate Master Data Service

Publicado

2014-09-10

Atualizado

2017-08-29

CVE-2014-4788

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Initiate Master Data Service versions 9.5 before 9.5.093013 IBM Initiate Master Data Service versions 9.7 before 9.7.093013 IBM Initiate Master Data Service versions 10.0 before 10.0.093013 IBM Initiate Master Data Service versions 10.1 before 10.1.093013

Description The issue makes it easier for remote attackers to obtain access by leveraging an unattended workstation, as the software does not have an off autocomplete attribute for authentication fields.

Recommendations For versions 9.5 before 9.5.093013, update to version 9.5.093013 or later. For versions 9.7 before 9.7.093013, update to version 9.7.093013 or later. For versions 10.0 before 10.0.093013, update to version 10.0.093013 or later. For versions 10.1 before 10.1.093013, update to version 10.1.093013 or later.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-255

Identificadores relacionados

CVE-2014-4788

Produtos afetados

Ibm Initiate Master Data Service

PT-2014-6118 · Ibm · Ibm Initiate Master Data Service

CVE-2014-4788

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3