CVE-2014-0969
Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to hijack the authentication of arbitrary users.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0021 (0.2%)
Percentile: 43.5%
EPSS: 2026-05-06
Affects
ibm:infosphere_master_data_managementibm:infosphere_master_data_management_server_for_product_information_managementTechnical description
Cross-site request forgery (CSRF) vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to hijack the authentication of arbitrary users.
Published: 8/17/2014, 11:55:06 PM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://secunia.com/advisories/60679
- http://secunia.com/advisories/60693
- http://secunia.com/advisories/60695
- http://www-01.ibm.com/support/docview.wss?uid=swg21681649
- http://www.securityfocus.com/bid/69262
- https://exchange.xforce.ibmcloud.com/vulnerabilities/92885
- http://secunia.com/advisories/60679
- http://secunia.com/advisories/60693