Vulnerabilities > IBM > Infosphere Master Data Management Server FOR Product Information Management > 11.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-08-17 | CVE-2014-3063 | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 allow local users to obtain administrator privileges via unspecified vectors. | 7.5 |
2014-08-17 | CVE-2014-0969 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to hijack the authentication of arbitrary users. | 6.8 |
2014-08-17 | CVE-2014-0966 | SQL Injection vulnerability in IBM products SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 6.5 |