PT-2014-6118 · Ibm · Ibm Initiate Master Data Service
Published
2014-09-10
·
Updated
2017-08-29
·
CVE-2014-4788
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
IBM Initiate Master Data Service versions 9.5 before 9.5.093013
IBM Initiate Master Data Service versions 9.7 before 9.7.093013
IBM Initiate Master Data Service versions 10.0 before 10.0.093013
IBM Initiate Master Data Service versions 10.1 before 10.1.093013
Description
The issue makes it easier for remote attackers to obtain access by leveraging an unattended workstation, as the software does not have an off autocomplete attribute for authentication fields.
Recommendations
For versions 9.5 before 9.5.093013, update to version 9.5.093013 or later.
For versions 9.7 before 9.7.093013, update to version 9.7.093013 or later.
For versions 10.0 before 10.0.093013, update to version 10.0.093013 or later.
For versions 10.1 before 10.1.093013, update to version 10.1.093013 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Initiate Master Data Service