Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 FP8 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote attackers to hijack the authentication of arbitrary users.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Infosphere Master Data Management Collaboration Server | 10.0 |
| Ibm | Infosphere Master Data Management Server For Product Information Management | 9.0 |
Related Weaknesses (CWE)
References
- http://www.ibm.com/support/docview.wss?uid=swg21663181Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87536
- http://www.ibm.com/support/docview.wss?uid=swg21663181Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87536
FAQ
What is CVE-2013-5427?
CVE-2013-5427 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 FP8 through 11.0 and InfoSphere Master Data Management Server for Prod...
How severe is CVE-2013-5427?
CVE-2013-5427 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5427?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Infosphere Master Data Management Collaboration Server, Ibm Infosphere Master Data Management Server For Product Information Management.