CVE-2015-1984

IBM InfoSphere Master Data Management Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 before FP03 allows remote authenticated users to bypass intended access restrictions and read arbitrary profiles via unspecified vectors, as demonstrated by discovering usernames for use in brute-force attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:N/A:N
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 35%
VendorProductVersion
ibminfosphere_master_data_management
9.1
ibminfosphere_master_data_management
10.1
ibminfosphere_master_data_management
11.0
ibminfosphere_master_data_management
11.3
ibminfosphere_master_data_management
11.4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www-01.ibm.com/support/docview.wss?uid=swg21960244
http://www.securityfocus.com/bid/75474
http://www-01.ibm.com/support/docview.wss?uid=swg21960244
http://www.securityfocus.com/bid/75474