CVE-2017-1309
HIGHIBM InfoSphere Master Data Mgmt <11.7 - Info Disclosure
Title source: llmDescription
IBM InfoSphere Master Data Management Server 11.0 - 11.6 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 125463.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99872
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg22005437
VDB Entry, Vendor Advisory x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/125463
Scores
CVSS v3
7.8
EPSS
0.0023
EPSS Percentile
13.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-312
Status
published
Products (10)
IBM/InfoSphere Master Data Management
11.0
IBM/InfoSphere Master Data Management
11.3
IBM/InfoSphere Master Data Management
11.4
IBM/InfoSphere Master Data Management
11.5
IBM/InfoSphere Master Data Management
11.6
ibm/infosphere_master_data_management_server
11.0
ibm/infosphere_master_data_management_server
11.3
ibm/infosphere_master_data_management_server
11.4
ibm/infosphere_master_data_management_server
11.5
ibm/infosphere_master_data_management_server
11.6
Published
Jul 19, 2017
Tracked Since
Feb 18, 2026