Ibm

Infosphere Information Server

169 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2018-1701

  • EPSS 0.26%
  • Published 15.02.2019 20:29:00
  • Last modified 21.11.2024 04:00:13

IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970.

9.1

CVE-2018-1727

  • EPSS 0.42%
  • Published 15.02.2019 20:29:00
  • Last modified 21.11.2024 04:00:15

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory r...

5.5

CVE-2018-1518

  • EPSS 0.01%
  • Published 18.10.2018 15:29:00
  • Last modified 21.11.2024 03:59:57

IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682.

7.8

CVE-2017-1350

  • EPSS 0.07%
  • Published 05.06.2018 15:29:00
  • Last modified 21.11.2024 03:21:45

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. IBM X-Force ID: 126526.

6.1

CVE-2018-1432

  • EPSS 0.09%
  • Published 05.06.2018 15:29:00
  • Last modified 21.11.2024 03:59:48

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker coul...

5.9

CVE-2018-1454

  • EPSS 0.31%
  • Published 05.06.2018 15:29:00
  • Last modified 21.11.2024 03:59:51

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sens...

5.5

CVE-2016-0250

  • EPSS 0.26%
  • Published 12.03.2018 21:29:00
  • Last modified 21.11.2024 02:41:21

XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-...

7.8

CVE-2017-1469

  • EPSS 0.1%
  • Published 14.08.2017 22:29:00
  • Last modified 20.04.2025 01:37:25

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 could allow a local user to gain elevated privileges by placing arbitrary files in installation directories. IBM X-Force ID: 128468.

9.1

CVE-2017-1383

  • EPSS 0.58%
  • Published 02.08.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

IBM InfoSphere Information Server 9.1, 11.3, and 11.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resourc...

8.1

CVE-2017-1467

  • EPSS 0.56%
  • Published 02.08.2017 17:29:00
  • Last modified 20.04.2025 01:37:25

A network layer security vulnerability in InfoSphere Information Server 9.1, 11.3, and 11.5 can lead to privilege escalation or unauthorized access. IBM X-Force ID: 128466.