← Back

CVE-2014-4788

nvd nist
Published: Sep 10, 2014Modified: May 6, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.

Affected (4)

Ibm
1 product
Initiate Master Data Service
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Initiate Master Data Service
Version 10.0
Initiate Master Data Service
Version 10.1
Initiate Master Data Service
Version 9.5
Initiate Master Data Service
Version 9.7

Related CWEs

CWE-255
CWE-255

References (4)

Source: psirt@us.ibm.com
PatchVendor Advisory
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.