← Back

CVE-2015-1984

nvd nist
Published: Jul 20, 2015Modified: May 6, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:L/Au:S/C:P/I:N/A:N
Exploitability: 8.0 / Impact: 2.9
Source: NVD

Description

IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to bypass intended access restrictions and read arbitrary profiles via unspecified vectors, as demonstrated by discovering usernames for use in brute-force attacks.

Affected (5)

Ibm
1 product
Infosphere Master Data Management
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Infosphere Master Data Management
Version 10.1
Infosphere Master Data Management
Version 11.0
Infosphere Master Data Management
Version 11.3
Infosphere Master Data Management
Version 11.4
Infosphere Master Data Management
Version 9.1

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CWE-264
CWE-264

References (4)

Source: psirt@us.ibm.com
PatchVendor Advisory
Source: psirt@us.ibm.com
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.