What is the severity of CVE-2014-8899?

CVE-2014-8899 is classified as a medium severity cross-site scripting (XSS) vulnerability.

How do I fix CVE-2014-8899?

To fix CVE-2014-8899, update your IBM InfoSphere Master Data Management Server to at least version 11.4 FP1.

What impact does CVE-2014-8899 have?

CVE-2014-8899 can allow an attacker to execute arbitrary scripts in the context of a victim's browser.

Which versions are affected by CVE-2014-8899?

CVE-2014-8899 impacts IBM InfoSphere Master Data Management versions 9.x, 10.x, and certain builds of 11.x.

Is a workaround available for CVE-2014-8899?

There are currently no effective workarounds for CVE-2014-8899; applying the appropriate updates is recommended.

Vulnerability/
CVE-2014-8899

low

3.5

CWE

22/12/2014

6/8/2024

CVE-2014-8899: XSS

First published: Mon Dec 22 2014(Updated: )

Cross-site scripting (XSS) vulnerability in the Collaboration Server in IBM InfoSphere Master Data Management Server for Product Information Management 9.x through 9.1 and InfoSphere Master Data Management - Collaborative Edition 10.x through 10.1, 11.0 before FP7, and 11.3 and 11.4 before 11.4 FP1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, a different vulnerability than CVE-2014-8897 and CVE-2014-8898.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
Ibm Infosphere Master Data Management Collaborative Server	=10.0.0
Ibm Infosphere Master Data Management Collaborative Server	=10.0.0.1
Ibm Infosphere Master Data Management Collaborative Server	=10.0.0.2
Ibm Infosphere Master Data Management Collaborative Server	=10.0.0.3
Ibm Infosphere Master Data Management Collaborative Server	=10.0.0.4
Ibm Infosphere Master Data Management Collaborative Server	=10.0.0.5
Ibm Infosphere Master Data Management Collaborative Server	=10.1.0
Ibm Infosphere Master Data Management Collaborative Server	=11.0
Ibm Infosphere Master Data Management Collaborative Server	=11.3
Ibm Infosphere Master Data Management Collaborative Server	=11.4
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0.1
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0.2
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0.3
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0.4
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0.5
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0.6
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0.7
IBM InfoSphere Master Data Management Server for Product Information Management	=9.0.0.8
IBM InfoSphere Master Data Management Server for Product Information Management	=9.1.0

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2014-8899?
CVE-2014-8899 is classified as a medium severity cross-site scripting (XSS) vulnerability.
How do I fix CVE-2014-8899?
To fix CVE-2014-8899, update your IBM InfoSphere Master Data Management Server to at least version 11.4 FP1.
What impact does CVE-2014-8899 have?
CVE-2014-8899 can allow an attacker to execute arbitrary scripts in the context of a victim's browser.
Which versions are affected by CVE-2014-8899?
CVE-2014-8899 impacts IBM InfoSphere Master Data Management versions 9.x, 10.x, and certain builds of 11.x.
Is a workaround available for CVE-2014-8899?
There are currently no effective workarounds for CVE-2014-8899; applying the appropriate updates is recommended.

collector/nvd-index
agent/softwarecombine
agent/type
agent/references
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/last-modified-date
agent/author
agent/first-publish-date
agent/event
agent/tags
agent/description
agent/source
vendor/ibm
canonical/ibm infosphere master data management collaborative server
version/ibm infosphere master data management collaborative server/10.0.0
version/ibm infosphere master data management collaborative server/10.0.0.1
version/ibm infosphere master data management collaborative server/10.0.0.2
version/ibm infosphere master data management collaborative server/10.0.0.3
version/ibm infosphere master data management collaborative server/10.0.0.4
version/ibm infosphere master data management collaborative server/10.0.0.5
version/ibm infosphere master data management collaborative server/10.1.0
version/ibm infosphere master data management collaborative server/11.0
version/ibm infosphere master data management collaborative server/11.3
version/ibm infosphere master data management collaborative server/11.4
canonical/ibm infosphere master data management server for product information management
version/ibm infosphere master data management server for product information management/9.0.0
version/ibm infosphere master data management server for product information management/9.0.0.1
version/ibm infosphere master data management server for product information management/9.0.0.2
version/ibm infosphere master data management server for product information management/9.0.0.3
version/ibm infosphere master data management server for product information management/9.0.0.4
version/ibm infosphere master data management server for product information management/9.0.0.5
version/ibm infosphere master data management server for product information management/9.0.0.6
version/ibm infosphere master data management server for product information management/9.0.0.7
version/ibm infosphere master data management server for product information management/9.0.0.8
version/ibm infosphere master data management server for product information management/9.1.0