PT-2014-8748 · Ibm · Ibm Infosphere Master Data Management Server For Product Information Management+2
Christophe Garrigues
+1
·
Publicado
2014-12-22
·
Atualizado
2017-09-08
·
CVE-2014-8896
CVSS v2.0
4.0
Média
| Vetor | AV:N/AC:L/Au:S/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
IBM InfoSphere Master Data Management Server for Product Information Management versions 9.x through 9.1
InfoSphere Master Data Management - Collaborative Edition versions 10.x through 10.1
InfoSphere Master Data Management - Collaborative Edition version 11.0 before FP7
InfoSphere Master Data Management - Collaborative Edition versions 11.3 and 11.4 before 11.4 FP1
Description
The issue allows remote authenticated users to modify the administrator's credentials, consequently gaining privileges. This is achieved via unspecified vectors in the Collaboration Server component.
Recommendations
For IBM InfoSphere Master Data Management Server for Product Information Management versions 9.x through 9.1, update to a version outside of this range.
For InfoSphere Master Data Management - Collaborative Edition versions 10.x through 10.1, update to a version outside of this range.
For InfoSphere Master Data Management - Collaborative Edition version 11.0, apply FP7 or later.
For InfoSphere Master Data Management - Collaborative Edition versions 11.3 and 11.4, update to 11.4 FP1 or later.
Correção
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Collaboration Server
Ibm Infosphere Master Data Management - Collaborative Edition
Ibm Infosphere Master Data Management Server For Product Information Management