IBM InfoSphere Master Data Management - Collaborative Edition could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information.
CVEID: CVE-2018-1380 DESCRIPTION: IBM InfoSphere Master Data Management - Collaborative Edition could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information.
CVSS Base Score: 2.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138077> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N)
Affected IBM InfoSphere Master Data Management - Collaborative Edition
|
Affected Versions
—|—
IBM InfoSphere Master Data Management - Collaborative Edition | 11.4
IBM InfoSphere Master Data Management - Collaborative Edition | 11.5
IBM InfoSphere Master Data Management - Collaborative Edition | 11.6
The recommended solution is to apply the fix as soon as practical. Please see below for information on the fix available.
Product**** | VRMF | Remediation/First Fix |
---|---|---|
IBM InfoSphere Master Data Management Collaboration Server | 11.4 | 11.4.0-WS-MDMCS-FP0010IF000 |
IBM InfoSphere Master Data Management Collaboration Server | 11.5 | 11.5.0.12-MDM-CE-FP012IF000 |
IBM InfoSphere Master Data Management Collaboration Server | 11.6 | 11.6.0.6-MDM-CE-FP06IF000 |
None