Ibm

Infosphere Master Data Management

17 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2023-46187

  • EPSS 0.01%
  • Veröffentlicht 27.01.2025 02:15:27
  • Zuletzt bearbeitet 18.08.2025 18:01:02

IBM InfoSphere Master Data Management 11.6, 12.0, and 14.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to ...

4.9

CVE-2018-1380

  • EPSS 0.2%
  • Veröffentlicht 29.10.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:43

IBM InfoSphere Master Data Management Collaboration Server 11.4, 11.5, and 11.6 could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information. IBM X-Force ID: 138077.

4.3

CVE-2015-7424

  • EPSS 0.11%
  • Veröffentlicht 26.03.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 02:36:45

IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, 11.4, and 11.5 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information by leveraging Catalogs access. IBM X-Fo...

5.4

CVE-2015-7423

  • EPSS 0.18%
  • Veröffentlicht 26.03.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 02:36:45

Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

7.5

CVE-2017-1523

  • EPSS 0.26%
  • Veröffentlicht 24.10.2017 21:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

IBM InfoSphere Master Data Management - Collaborative Edition 11.5 could allow an unauthorized user to download reports without authentication. IBM X-Force ID: 129892.

5.4

CVE-2015-7414

  • EPSS 0.17%
  • Veröffentlicht 17.01.2016 05:59:02
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 allows remote authenticated us...

4.1

CVE-2015-4960

  • EPSS 0.14%
  • Veröffentlicht 17.01.2016 05:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 allows remote authenticated users to conduct clickjacking attacks via a crafted web site.

3.3

CVE-2015-4958

  • EPSS 0.04%
  • Veröffentlicht 17.01.2016 05:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive inform...

4

CVE-2015-1984

  • EPSS 0.14%
  • Veröffentlicht 20.07.2015 01:59:10
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to bypass intended access restrictions and read arbitrary profiles via unspecified vectors, as demonstrated by d...

4

CVE-2015-1982

  • EPSS 0.16%
  • Veröffentlicht 20.07.2015 01:59:09
  • Zuletzt bearbeitet 12.04.2025 10:46:40

IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to obtain sensitive information via a crafted request, which reveals the full path in an error message.