Unrated severityNVD Advisory· Published Mar 16, 2014· Updated May 6, 2026

CVE-2014-0873

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Data Stewardship, (2) Business Admin, and (3) Product interfaces in IBM InfoSphere Master Data Management (MDM) Server 8.5 before 8.5.0.82, 9.0.1 before 9.0.1.38, 9.0.2 before 9.0.2.35, 10.0 before 10.0.0.0.26, and 10.1 before 10.1.0.0.15 allow remote attackers to hijack the authentication of arbitrary users.

Affected products

IBM/Infosphere Master Data Management Server5 versions
cpe:2.3:a:ibm:infosphere_master_data_management_server:8.5:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:ibm:infosphere_master_data_management_server:8.5:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server:9.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server:9.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server:10.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-01.ibm.com/support/docview.wssnvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/90994nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000