CVE-2014-4788
Summary
| CVE | CVE-2014-4788 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-09-10 10:55:00 UTC |
| Updated | 2017-08-29 01:35:00 UTC |
| Description | IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. |
Risk And Classification
Problem Types: CWE-255
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Initiate Master Data Service | 10.0 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 10.1 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 9.5 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 9.7 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 10.0 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 10.1 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 9.5 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 9.7 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Bulletin: Multiple Vulnerabilities in IBM Initiate Master Data Service (CVE-2014-4789, CVE-2014-4788, CVE-2014-4787, CVE-2014-4786, CVE-2014-4785, CVE-2014-4784, CVE-2014-4783) | CONFIRM | www-01.ibm.com | Patch, Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.