Ibm

Infosphere Information Server

172 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-22441

  • EPSS 0.19%
  • Veröffentlicht 28.04.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:48

IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. IBM X-Force ID: 224426.

5.4

CVE-2022-22443

  • EPSS 0.22%
  • Veröffentlicht 28.04.2022 16:15:08
  • Zuletzt bearbeitet 21.11.2024 06:46:48

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

5.4

CVE-2021-38952

  • EPSS 0.22%
  • Veröffentlicht 28.04.2022 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:17

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

6.5

CVE-2021-38887

  • EPSS 0.16%
  • Veröffentlicht 10.11.2021 15:15:11
  • Zuletzt bearbeitet 21.11.2024 06:18:09

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information from application response requests that could be used in further attacks against the system. IBM X-Force ID: 209401.

7.5

CVE-2021-29737

  • EPSS 0.12%
  • Veröffentlicht 02.11.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:42

IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has improper validation of the REST API server certificate. IBM X-Force ID: 201301.

5.5

CVE-2021-29738

  • EPSS 0.16%
  • Veröffentlicht 02.11.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:42

IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7 ) is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network en...

5.4

CVE-2021-29771

  • EPSS 0.16%
  • Veröffentlicht 02.11.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:46

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

7.5

CVE-2021-29875

  • EPSS 0.21%
  • Veröffentlicht 02.11.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:57

IBM InfoSphere Information Server 11.7 could allow an attacker to obtain sensitive information due to a insecure third party domain access vulnerability. IBM X-Force ID: 206572.

8.8

CVE-2021-29888

  • EPSS 0.11%
  • Veröffentlicht 02.11.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:01:57

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 207123.

9.1

CVE-2021-38948

  • EPSS 0.55%
  • Veröffentlicht 02.11.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:18:16

IBM InfoSphere Information Server 11.7 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Forc...