Unrated severityNVD Advisory· Published Aug 17, 2014· Updated May 6, 2026

CVE-2014-0966

Description

SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Affected products

IBM/Infosphere Master Data Management4 versions
cpe:2.3:a:ibm:infosphere_master_data_management:10.0:*:*:*:collaborative:*:*:*+ 3 more
- cpe:2.3:a:ibm:infosphere_master_data_management:10.0:*:*:*:collaborative:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management:10.1:*:*:*:collaborative:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management:11.0:*:*:*:collaborative:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management:11.3:*:*:*:collaborative:*:*:*
IBM/Infosphere Master Data Management Server For Product Information Management10 versions
cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:9.0:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:10.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:11.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:infosphere_master_data_management_server_for_product_information_management:11.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www-01.ibm.com/support/docview.wssnvdVendor Advisory
secunia.com/advisories/60679nvd
secunia.com/advisories/60693nvd
secunia.com/advisories/60695nvd
exchange.xforce.ibmcloud.com/vulnerabilities/92880nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000