Ibm

Infosphere Information Server

188 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2022-40747

  • EPSS 0.52%
  • Veröffentlicht 03.11.2022 20:15:31
  • Zuletzt bearbeitet 05.05.2025 14:15:24

"IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-For...

7.8

CVE-2022-35717

  • EPSS 0.12%
  • Veröffentlicht 03.11.2022 20:15:29
  • Zuletzt bearbeitet 02.05.2025 21:15:18

"IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-"Force ID: 231361.

8.8

CVE-2022-30608

  • EPSS 0.14%
  • Veröffentlicht 03.11.2022 20:15:28
  • Zuletzt bearbeitet 05.05.2025 14:15:23

"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a "user that the website trusts. IBM X-Force ID: 227295.

5.4

CVE-2022-30615

  • EPSS 0.49%
  • Veröffentlicht 03.11.2022 20:15:28
  • Zuletzt bearbeitet 05.05.2025 14:15:23

"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

5.4

CVE-2022-35642

  • EPSS 0.49%
  • Veröffentlicht 03.11.2022 20:15:28
  • Zuletzt bearbeitet 02.05.2025 21:15:18

"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure wit...

9.8

CVE-2022-22425

  • EPSS 0.42%
  • Veröffentlicht 03.11.2022 20:15:25
  • Zuletzt bearbeitet 05.05.2025 14:15:22

"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."

6.5

CVE-2022-22442

  • EPSS 0.22%
  • Veröffentlicht 03.11.2022 20:15:25
  • Zuletzt bearbeitet 05.05.2025 14:15:22

"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information restricted to users with elevated privileges due to improper access controls. IBM X-Force ID: 224427."

6.5

CVE-2022-36772

  • EPSS 0.16%
  • Veröffentlicht 07.10.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:13:40

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that should only be available to a privileged user.

6.5

CVE-2022-41291

  • EPSS 0.12%
  • Veröffentlicht 07.10.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:22:59

IBM InfoSphere Information Server 11.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 236699.

6.5

CVE-2012-4818

  • EPSS 0.2%
  • Veröffentlicht 29.09.2022 03:15:11
  • Zuletzt bearbeitet 21.11.2024 01:43:33

IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remote authenticated attacker to obtain sensitive information, caused by improper restrictions on directories. An attacker could exploit this vulnerability via the DataStage applicatio...