VDB
CVE-2014-0966
CVE-2014-0966
PUBLISHED
CVSS 6.5 MEDIUM
SQL injection vulnerability in the GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0-FP5 and InfoSphere Master Data Management Server for Product Information Management 9.x through 11.x before 11.3-IF2 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
EPSS 0.35% · 57.7th percentile
Risk Scores
CVSS 2.0
6.5
EPSS Score
0.35%
57.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ibm | infosphere_master_data_management_server_for_product_information_management | 11.3, 10.0, 10.0.0.1 |
| n/a | n/a | n/a |
| ibm | infosphere_master_data_management | 10.0, 10.1, 11.0 |
Exploit Intelligence
- CVE-2014-0050 Vulnerable site sample (github-poc)
- CVE-2014-0050 Vulnerable site sample (github-poc)
- CVE-2014-0050 Vulnerable site sample (github-poc)
- CVE-2014-0050 Vulnerable site sample (github-poc)
- http://www-01.ibm.com/support/docview.wss?uid=swg21681651 (circl)
- 60693 (circl)
- 60679 (circl)
- 60695 (circl)
- ibm-infospheremdm-cve20140966-sql-injection(92880) (circl)
Timeline
- Aug 17, 2014 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- http://www-01.ibm.com/support/docview.wss?uid=swg21681649 advisory
- http://www.ibm.com/support/docview.wss?uid=swg21677691 advisory
- https://www.ibm.com/support/docview.wss?uid=swg21680403 advisory
- http://www.ibm.com/support/docview.wss?uid=swg21681528 advisory
- https://www.ibm.com/support/docview.wss?uid=swg21680603 advisory
- http://www.ibm.com/support/docview.wss?uid=swg21679726 advisory
- https://www.ibm.com/support/docview.wss?uid=swg21681651 advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg21681651 url
- 60693 third-party-advisory
- 60679 third-party-advisory
- 60695 third-party-advisory
- ibm-infospheremdm-cve20140966-sql-injection(92880) vdb
- https://nvd.nist.gov/vuln/detail/CVE-2014-0966 advisory