Boletines de Vulnerabilidades

IBM Security Bulletin: IBM Initiate Master Data Service and IBM InfoSphere Master Data Management may be affected by a denial of service vulnerability in Apache Commons FileUpload (CVE-2014-0050)

Información sobre el sistema
   
Software afectado IBM

Descripción
The Apache Commons FileUpload used in IBM Initiate Master Data Service and IBM InfoSphere Master Data Management may be vulnerable to a denial of service attack. CVE(s): CVE-2014-0050 Affected product(s) and affected version(s): The vulnerability is known to affect the following offerings: ·IBM Initiate Master Data Service versions 9.0, 9.2, 9.5, 9.7, 10.0, 10.1 Impacts Inspector component ·IBM InfoSphere Master Data Management Server versions 10.0, 10.1 Impacts

More info:

https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_initiate_master_data_service_and_ibm_infosphere_master_data_management_may_be_affected_by_a_denial_of_service_vulnerability_in_apache_commons_fileupload_cve_2014_0050?lan

Identificadores estándar
Propiedad Valor
CVE CVE-2014-0050 ,CVE-2014-2421 ,CVE-2013-6954 ,CVE-2013-6629 ,CVE-2014-0411 ,CVE-2014-0416 ,CVE-2014-0453 ,CVE-2014-0107 ,CVE-2013-4353 ,CVE-2013-6450 and CVE-2013-6449.

Histórico de versiones
Versión Comentario Fecha
1.0 Advisory issued 2014-06-19

Miembros de

CERT
FIRST
TF-CSIRT
EGC Group
UE
Red Nacional de SOC
Foro Nacional de Ciberseguridad
CSIRT.es
Ministerio de Defensa
CNI
CCN
CCN-CERT