Ibm

Infosphere Information Server On Cloud

29 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-1499

  • EPSS 0.03%
  • Veröffentlicht 01.06.2025 11:30:58
  • Zuletzt bearbeitet 09.06.2025 18:08:54

IBM InfoSphere Information Server 11.7 stores credential information for database authentication in a cleartext parameter file that could be viewed by an authenticated user.

4.3

CVE-2025-1138

  • EPSS 0.05%
  • Veröffentlicht 15.05.2025 20:11:03
  • Zuletzt bearbeitet 04.06.2025 20:02:53

IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks against the system through a directory listing.

9.8

CVE-2024-40689

  • EPSS 0.07%
  • Veröffentlicht 26.07.2024 14:15:02
  • Zuletzt bearbeitet 21.11.2024 09:31:28

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. IBM X-Force ID...

9.8

CVE-2022-40752

  • EPSS 0.46%
  • Veröffentlicht 16.11.2022 23:15:10
  • Zuletzt bearbeitet 23.07.2025 21:15:25

IBM InfoSphere DataStage 11.7 is vulnerable to a command injection vulnerability due to improper neutralization of special elements. IBM X-Force ID:  236687.

6.5

CVE-2022-22442

  • EPSS 0.08%
  • Veröffentlicht 03.11.2022 20:15:25
  • Zuletzt bearbeitet 05.05.2025 14:15:22

"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427."

7.8

CVE-2022-22454

  • EPSS 0.09%
  • Veröffentlicht 10.05.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:49

IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request.

9.3

CVE-2020-4305

  • EPSS 1.39%
  • Veröffentlicht 09.07.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:32:33

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to execute arbitrary code on the system, caused by the deserialization of untrusted data. By persuading a victim to visit a specially crafted Web site, an attacker c...

5.4

CVE-2020-4298

  • EPSS 0.18%
  • Veröffentlicht 19.05.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:32:32

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

6.5

CVE-2020-4286

  • EPSS 0.09%
  • Veröffentlicht 19.05.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:32:31

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 176268.

5.4

CVE-2020-4384

  • EPSS 0.18%
  • Veröffentlicht 06.05.2020 14:15:10
  • Zuletzt bearbeitet 21.11.2024 05:32:40

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...