PT-2013-5537 · Ibm · Ibm Infosphere Master Data Management - Collaborative Edition+1

Published

2013-12-19

Updated

2017-08-29

CVE-2013-5426

CVSS v2.0

4.9

Medium

Vector

AV:A/AC:M/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Master Data Management - Collaborative Edition versions 10.0 through 10.1 before IF5 IBM InfoSphere Master Data Management - Collaborative Edition version 11.0 before IF1 IBM InfoSphere Master Data Management Server for Product Information Management versions 9.0 through 9.1 before IF11

Description A session fixation issue allows remote authenticated users to hijack web sessions.

Recommendations For IBM InfoSphere Master Data Management - Collaborative Edition versions 10.0 through 10.1 before IF5, update to version 10.1 IF5 or later. For IBM InfoSphere Master Data Management - Collaborative Edition version 11.0 before IF1, update to version 11.0 IF1 or later. For IBM InfoSphere Master Data Management Server for Product Information Management versions 9.0 through 9.1 before IF11, update to version 9.1 IF11 or later.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2013-5426

Affected Products

Ibm Infosphere Master Data Management - Collaborative Edition

Ibm Infosphere Master Data Management Server For Product Information Management

PT-2013-5537 · Ibm · Ibm Infosphere Master Data Management - Collaborative Edition+1

CVE-2013-5426

Weakness Enumeration

Related Identifiers

Affected Products

References · 3