CVE-2016-9717
Summary
| CVE | CVE-2016-9717 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-07-31 21:29:00 UTC |
| Updated | 2017-08-03 15:56:00 UTC |
| Description | HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 product. It enables attackers by exposing the presence of duplicated parameters which may produce an anomalous behavior in the application that can be potentially exploited. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Ibm | Infosphere Master Data Management Server | 10.1 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.0 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.3 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.4 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.5 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.6 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 10.1 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.0 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.3 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.4 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.5 | All | All | All |
| Application | Ibm | Infosphere Master Data Management Server | 11.6 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| IBM InfoSphere Master Data Management CVE-2016-9717 Security Bypass Vulnerablity | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Security Bulletin: IBM InfoSphere Master Data Management Server is vulnerable to HTTP Parameter Override discovered in MDM User Interface (CVE-2016-9717) | CONFIRM | www.ibm.com | Patch, Vendor Advisory |
| IBM X-Force Exchange | MISC | exchange.xforce.ibmcloud.com | VDB Entry, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.