CVE-2014-0969

Published: Aug 17, 2014Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to hijack the authentication of arbitrary users.

Affected (14)

Products: Ibm: Infosphere Master Data Management, Infosphere Master Data Management Server For Product Information Management

Ibm

2 products

Infosphere Master Data Management

Infosphere Master Data Management Server For Product Information Management

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Ibm Infosphere Master Data Management	Version 10.0
Ibm Infosphere Master Data Management	Version 10.1
Ibm Infosphere Master Data Management	Version 11.0
Ibm Infosphere Master Data Management	Version 11.3
Ibm Infosphere Master Data Management Server For Product Information Management	Version 10.0.0.1
Ibm Infosphere Master Data Management Server For Product Information Management	Version 10.0.1
Ibm Infosphere Master Data Management Server For Product Information Management	Version 10.0
Ibm Infosphere Master Data Management Server For Product Information Management	Version 10.1.0.1
Ibm Infosphere Master Data Management Server For Product Information Management	Version 10.1.0.2
Ibm Infosphere Master Data Management Server For Product Information Management	Version 10.1
Ibm Infosphere Master Data Management Server For Product Information Management	Version 11.0
Ibm Infosphere Master Data Management Server For Product Information Management	Version 11.3
Ibm Infosphere Master Data Management Server For Product Information Management	Version 9.0
Ibm Infosphere Master Data Management Server For Product Information Management	Version 9.1