CVE-2013-5427
IBM InfoSphere Master Data Management Collaboration Server 10.x-11.0 - Cross-Site Request Forgery
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in IBM InfoSphere Master Data Management - Collaborative Edition 10.x before 10.1 FP8 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote attackers to hijack the authentication of arbitrary users.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg21663181
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/87536
Scores
EPSS
0.0057
EPSS Percentile
43.1%
Details
CWE
CWE-352
Status
published
Products (5)
ibm/infosphere_master_data_management_collaboration_server
10.0
ibm/infosphere_master_data_management_collaboration_server
10.1
ibm/infosphere_master_data_management_collaboration_server
11.0
ibm/infosphere_master_data_management_server_for_product_information_management
9.0
ibm/infosphere_master_data_management_server_for_product_information_management
9.1
Published
Feb 04, 2014
Tracked Since
Feb 18, 2026