Vulnerabilities > CVE-2014-4775 - Credentials Management vulnerability in IBM products

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

ibm

CWE-255

NVD

Published: 2014-08-17

Updated: 2017-08-29

Summary

IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 do not properly protect credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Infosphere Master Data Management 10.0 IBM Infosphere Master Data Management 10.1 IBM Infosphere Master Data Management 11.0 IBM Infosphere Master Data Management 11.3 IBM Infosphere Master Data Management Server FOR Product Information Management 9.0 IBM Infosphere Master Data Management Server FOR Product Information Management 9.1	6

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References