CVE-2014-0873

Name of the Vulnerable Software and Affected Versions IBM InfoSphere Master Data Management (MDM) Server versions 8.5 before 8.5.0.82 IBM InfoSphere Master Data Management (MDM) Server versions 9.0.1 before 9.0.1.38 IBM InfoSphere Master Data Management (MDM) Server versions 9.0.2 before 9.0.2.35 IBM InfoSphere Master Data Management (MDM) Server versions 10.0 before 10.0.0.0.26 IBM InfoSphere Master Data Management (MDM) Server versions 10.1 before 10.1.0.0.15

Description The issue affects the Data Stewardship, Business Admin, and Product interfaces in IBM InfoSphere Master Data Management (MDM) Server, allowing remote attackers to hijack the authentication of arbitrary users through cross-site request forgery (CSRF) vulnerabilities.

Recommendations For versions 8.5 before 8.5.0.82, update to version 8.5.0.82 or later. For versions 9.0.1 before 9.0.1.38, update to version 9.0.1.38 or later. For versions 9.0.2 before 9.0.2.35, update to version 9.0.2.35 or later. For versions 10.0 before 10.0.0.0.26, update to version 10.0.0.0.26 or later. For versions 10.1 before 10.1.0.0.15, update to version 10.1.0.0.15 or later.