) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:ibm:infosphere_master_data_management_server_for_product_information_management:10.0.0.1
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2014-3063 |
IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 allow local users to obtain administrator privileges via unspecified vectors. Published: August 17, 2014; 7:55:06 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2014-0969 |
Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to hijack the authentication of arbitrary users. Published: August 17, 2014; 7:55:06 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
| CVE-2014-0966 |
SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. Published: August 17, 2014; 7:55:06 PM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |