CVE-2014-0966

Description

SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

• http://secunia.com/advisories/60679
• http://secunia.com/advisories/60693
• http://secunia.com/advisories/60695
• http://www-01.ibm.com/support/docview.wss?uid=swg21681651
• https://exchange.xforce.ibmcloud.com/vulnerabilities/92880
• http://secunia.com/advisories/60679
• http://secunia.com/advisories/60693
• http://secunia.com/advisories/60695
• http://www-01.ibm.com/support/docview.wss?uid=swg21681651
• https://exchange.xforce.ibmcloud.com/vulnerabilities/92880

CWEs

CWE-89

💬 Discuss CVE-2014-0966 on VIR Community →

Community-verified mitigations for this CVE will appear above when contributors publish them.