4
CVE-2015-1984
- EPSS 0.14%
- Veröffentlicht 20.07.2015 01:59:10
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to bypass intended access restrictions and read arbitrary profiles via unspecified vectors, as demonstrated by discovering usernames for use in brute-force attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Infosphere Master Data Management Version9.1 SwEditioncollaborative
Ibm ≫ Infosphere Master Data Management Version10.1 SwEditioncollaborative
Ibm ≫ Infosphere Master Data Management Version11.0 SwEditioncollaborative
Ibm ≫ Infosphere Master Data Management Version11.3 SwEditioncollaborative
Ibm ≫ Infosphere Master Data Management Version11.4 SwEditioncollaborative
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Typ | Quelle | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.14% | 0.307 |
Quelle | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.