Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-0477

Overview

Vulnerability Score 6.0 6.0
CVE Id CVE-2013-0477
Last Modified 21 Feb 2013 12:00:00
Published 20 Feb 2013 08:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2013-0477

Summary

Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 and 10.1 before FP1 and InfoSphere Master Data Management Server for Product Information Management 6.0, 9.0, and 9.1 allow remote authenticated users to inject content, and conduct phishing attacks, via unspecified vectors.

Vulnerable Systems

Application

  • Ibm Infosphere Master Data Management Collaboration Server 10.0.0

  • Ibm Infosphere Master Data Management Collaboration Server 10.0.1

  • Ibm Infosphere Master Data Management Server For Product Information Management 6.0.0

  • Ibm Infosphere Master Data Management Server For Product Information Management 9.0.0

  • Ibm Infosphere Master Data Management Server For Product Information Management 9.1.0


References

XF - mdm-web-content-spoofing(81481)

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21624952


Last Updated: 27 May 2016 11:01:54