6.5
CVE-2024-43186
- EPSS 0.25%
- Veröffentlicht 28.03.2025 23:49:20
- Zuletzt bearbeitet 08.07.2025 17:28:18
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM InfoSphere Information Server information disclosure
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that is stored locally under certain conditions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Infosphere Information Server Version >= 11.7 < 11.7.1
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.164 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.3 | 1.6 | 3.6 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-256 Plaintext Storage of a Password
The product stores a password in plaintext within resources such as memory or files.
Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.
https://www.ibm.com/support/pages/node/7184980