CVE Vulnerabilities

CVE-2014-4784

Published: Sep 10, 2014 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 does not properly restrict use of FRAME elements, which allows remote attackers to conduct phishing attacks, and bypass intended access restrictions or obtain sensitive information, via a crafted web site, related to a frame injection issue.

Affected Software

Name Vendor Start Version End Version
Initiate_master_data_service Ibm 9.7 9.7
Initiate_master_data_service Ibm 10.0 10.0
Initiate_master_data_service Ibm 9.5 9.5
Initiate_master_data_service Ibm 10.1 10.1

References