IBM InfoSphere Master Data Management Products / IBM Initiate Master Data Service Dojo Toolkit Cross-Site Scripting Vulnerabilities


Description   IBM has acknowledged multiple vulnerabilities in IBM InfoSphere Master Data Management, IBM InfoSphere Master Data Management Server for Product Information Management, and IBM Initiate Master Data Service, which can be exploited by malicious people to conduct cross-site scripting attacks.
For more information:
SA62590
The vulnerabilities are reported in the following products and versions:
* IBM InfoSphere Master Data Management - Collaborative Edition versions 11.4, 11.3, 11.0, 10.1, and 10.0.
* IBM InfoSphere Master Data Management (Inspector and Web Reports components) versions 11.4, 11.3, and 11.0.
* IBM InfoSphere Master Data Management Server for Product Information Management versions 9.1 and 9.0.
* IBM Initiate Master Data Service (Inspector and Web Reports components) versions 10.1, 10.0, 9.7, and 9.5.
     
Vulnerable Products   Vulnerable Software:
* IBM InfoSphere Master Data Management 10.x
* IBM InfoSphere Master Data Management 11.x
* IBM InfoSphere Master Data Management Server for Product Information Management 9.x
* IBM Initiate Master Data Service 10.x
* IBM Initiate Master Data Service 9.x
     
Solution   Apply fix if available. The remaining updates are scheduled for release within the 2nd week of May 2015 or 2nd week of April 2015.
* IBM InfoSphere Master Data Management - Collaborative Edition version 11.0: Apply interim fix 11.0-IF008.
* IBM InfoSphere Master Data Management version 11.0: Update to version 11.0 FP3.
* IBM InfoSphere Master Data Management version 11.3: Update to version 11.3 FP2.
* IBM InfoSphere Master Data Management Server for Product Information Management versions 9.1 and 9.0: Apply fix pack 9.1-FP16.
     
CVE   CVE-2014-8917
     
References   IBM:
http://www.ibm.com/support/docview.wss?uid=swg21695756
http://www.ibm.com/support/docview.wss?uid=swg21695767
     
Vulnerability Manager Detection   No
     
IPS Protection
ASQ Engine alarm | Available since
XSS - Prevention - GET : suspicious 'iframe' tag found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'meta' tag found in URL | 3.2.0
XSS - Prevention - GET : suspicious tag with event found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'applet' tag found in URL | 3.2.0
XSS - Phishing : suspicious 'div' tag found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'style' attribute found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'img' tag found in URL | 3.2.0
XSS - Phishing : suspicious 'a' tag found in URL | 3.2.0
XSS - Prevention - GET : cookie access attempt using script language found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'embed' tag found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'object' tag found in URL | 3.2.0
XSS - Phishing : suspicious 'form' tag found in URL | 3.2.0
XSS - Prevention - GET : javascript code found in URL | 3.2.0
XSS - Prevention - GET : evasion attempt using tag characters encoding in URL | 3.2.0
XSS - Prevention - GET : suspicious 'style' tag found in URL | 3.2.0
XSS - Phishing : suspicious 'link' tag found in URL | 3.2.0
XSS - Prevention - GET : 'script' tag found in URL | 3.2.0
XSS - Prevention - GET : 'location' javascript object found in URL | 3.2.0
XSS - Prevention - GET : suspicious 'div' tag found in URL | 3.2.0

Risk level   Low

Vulnerability First Public Report Date   2015-03-05

Target Type   Server

Possible exploit   Remote