CVE-2014-4775
First published: Sun Aug 17 2014(Updated: )
IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1-FP11 and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x before 9.1-FP15 and 10.x and 11.x before 11.3-IF2 do not properly protect credentials, which allows remote attackers to obtain sensitive information via unspecified vectors.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM InfoSphere Master Data Management | =10.0 | |
| IBM InfoSphere Master Data Management | =10.1 | |
| IBM InfoSphere Master Data Management | =11.0 | |
| IBM InfoSphere Master Data Management | =11.3 | |
| IBM InfoSphere Master Data Management Server for Product Information Management | =9.0 | |
| IBM InfoSphere Master Data Management Server for Product Information Management | =9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-4775?
CVE-2014-4775 is categorized as a moderate severity vulnerability due to improper credential protection.
How do I fix CVE-2014-4775?
To fix CVE-2014-4775, upgrade to IBM InfoSphere Master Data Management 10.1-FP11, 11.0-FP5, or the appropriate fixed version for your affected software.
What software is affected by CVE-2014-4775?
CVE-2014-4775 affects IBM InfoSphere Master Data Management versions 10.0, 10.1, 11.0, and 11.3, as well as version 9.1 of the InfoSphere Master Data Management Server for Product Information Management.
What kind of attacks can CVE-2014-4775 allow?
CVE-2014-4775 can allow a remote attacker to exploit improperly protected credentials, potentially leading to unauthorized access.
Is CVE-2014-4775 still a risk today?
If not patched, CVE-2014-4775 remains a risk as it can be exploited in environments still using the affected versions.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/severity
- agent/weakness
- agent/remedy
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/tags
- agent/event
- agent/source
- vendor/ibm
- canonical/ibm infosphere master data management
- version/ibm infosphere master data management/10.0
- version/ibm infosphere master data management/10.1
- version/ibm infosphere master data management/11.0
- version/ibm infosphere master data management/11.3
- canonical/ibm infosphere master data management server for product information management
- version/ibm infosphere master data management server for product information management/9.0
- version/ibm infosphere master data management server for product information management/9.1