VIR Vulnerability Intelligence Relay

CVE-2015-4958

low
Published 2016-01-17 · Modified 2026-05-06
CVSS v3
3.3
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS v2
2.1
VIR risk
3.3

Description

IBM InfoSphere Master Data Management - Collaborative Edition 9.1, 10.1, 11.0 before 11.0.0.0 IF11, 11.3 before 11.3.0.0 IF7, and 11.4 before 11.4.0.4 IF1 does not properly restrict browser caching, which allows local users to obtain sensitive information by reading cache files.

Predictions

Exploit likelihood
34%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@us.ibm.com — http://www-01.ibm.com/support/docview.wss?uid=swg21971545

Application impact
VendorProductVersionsFixed
ibminfosphere_master_data_management9.1
ibminfosphere_master_data_management10.1
ibminfosphere_master_data_management11.0
ibminfosphere_master_data_management11.3
ibminfosphere_master_data_management11.4

References

CWEs

CWE-200

Verify integrity in audit chain (admin only). AS-IS.