3.1
CVE-2025-14808
- EPSS 0.23%
- Veröffentlicht 25.03.2026 20:09:38
- Zuletzt bearbeitet 26.03.2026 18:23:13
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM InfoSphere Information Server is vulnerable due to disclosure of sensitive information
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Infosphere Information Server Version >= 11.7.0.0 <= 11.7.1.6
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.23% | 0.13 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| psirt@us.ibm.com | 3.1 | 1.6 | 1.4 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
|
CWE-598 Use of HTTP Request With Sensitive Query String
The web application uses an HTTP method to process a request, but the request includes sensitive information in the query string.
https://www.ibm.com/support/pages/node/7266695