IBM6D5C31F94FE0C2AD549E74D2E5A738BE982C801132C88EBED83D0019F6E5FF6BSecurity Bulletin: IBM InfoSphere Master Data Management - Collaborative Edition could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information.
EPSS
Percentile
24.7%
Summary
IBM InfoSphere Master Data Management - Collaborative Edition could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information.
Vulnerability Details
CVEID: CVE-2018-1380 DESCRIPTION: IBM InfoSphere Master Data Management - Collaborative Edition could allow an authenticated user with CA level access to change change their ca-id to another users and read sensitive information.
CVSS Base Score: 2.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138077> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
Affected IBM InfoSphere Master Data Management - Collaborative Edition
|
Affected Versions
—|—
IBM InfoSphere Master Data Management - Collaborative Edition | 11.4
IBM InfoSphere Master Data Management - Collaborative Edition | 11.5
IBM InfoSphere Master Data Management - Collaborative Edition | 11.6
Remediation/Fixes
The recommended solution is to apply the fix as soon as practical. Please see below for information on the fix available.
| Product**** | VRMF | Remediation/First Fix |
|---|---|---|
| IBM InfoSphere Master Data Management Collaboration Server | 11.4 | 11.4.0-WS-MDMCS-FP0010IF000 |
| IBM InfoSphere Master Data Management Collaboration Server | 11.5 | 11.5.0.12-MDM-CE-FP012IF000 |
| IBM InfoSphere Master Data Management Collaboration Server | 11.6 | 11.6.0.6-MDM-CE-FP06IF000 |
Workarounds and Mitigations
None
Related
EPSS
Percentile
24.7%