Vulnerability Details CVE-2016-9717
HTTP Parameter Override is identified in the IBM Infosphere Master Data Management (MDM) 10.1. 11.0. 11.3, 11.4, 11.5, and 11.6 product. It enables attackers by exposing the presence of duplicated parameters which may produce an anomalous behavior in the application that can be potentially exploited.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
- http://www.ibm.com/support/docview.wss?uid=swg22006605
- http://www.securityfocus.com/bid/100074
- https://exchange.xforce.ibmcloud.com/vulnerabilities/119730
- http://www.ibm.com/support/docview.wss?uid=swg22006605
- http://www.securityfocus.com/bid/100074
- https://exchange.xforce.ibmcloud.com/vulnerabilities/119730
Products affected by CVE-2016-9717
-
cpe:2.3:a:ibm:infosphere_master_data_management_server:10.1
-
cpe:2.3:a:ibm:infosphere_master_data_management_server:11.0
-
cpe:2.3:a:ibm:infosphere_master_data_management_server:11.3
-
cpe:2.3:a:ibm:infosphere_master_data_management_server:11.4
-
cpe:2.3:a:ibm:infosphere_master_data_management_server:11.5
-
cpe:2.3:a:ibm:infosphere_master_data_management_server:11.6