Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-0966

Опубликовано: 17 авг. 2014
Источник: nvd
CVSS2: 6.5
EPSS Низкий

Описание

SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:infosphere_master_data_management:10.0:*:*:*:collaborative:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management:10.1:*:*:*:collaborative:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management:11.0:*:*:*:collaborative:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management:11.3:*:*:*:collaborative:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:9.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:11.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:11.3:*:*:*:*:*:*:*

EPSS

Процентиль: 57%
0.00348
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89

Связанные уязвимости

github логотип

GHSA-74q4-xfqc-g925

github
больше 3 лет назад

SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

EPSS

Процентиль: 57%
0.00348
Низкий

6.5 Medium

CVSS2

Дефекты

CWE-89