CVE-2014-4789
Summary
| CVE | CVE-2014-4789 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2014-09-10 10:55:00 UTC |
| Updated | 2017-08-29 01:35:00 UTC |
| Description | Session fixation vulnerability in IBM Initiate Master Data Service 9.5 before 9.5.093013, 9.7 before 9.7.093013, 10.0 before 10.0.093013, and 10.1 before 10.1.093013 allows remote attackers to hijack web sessions via unspecified vectors. |
Risk And Classification
Problem Types: CWE-384
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Initiate Master Data Service | 10.0 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 10.1 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 9.5 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 9.7 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 10.0 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 10.1 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 9.5 | All | All | All |
| Application | Ibm | Initiate Master Data Service | 9.7 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Security Bulletin: Multiple Vulnerabilities in IBM Initiate Master Data Service (CVE-2014-4789, CVE-2014-4788, CVE-2014-4787, CVE-2014-4786, CVE-2014-4785, CVE-2014-4784, CVE-2014-4783) | CONFIRM | www-01.ibm.com | Patch, Vendor Advisory |
| About Secunia Research | Flexera | SECUNIA | secunia.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.