Ibm

Infosphere Information Server

172 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2019-4238

  • EPSS 0.17%
  • Veröffentlicht 25.04.2019 15:29:01
  • Zuletzt bearbeitet 21.11.2024 04:43:21

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

6.5

CVE-2018-1906

  • EPSS 0.39%
  • Veröffentlicht 02.04.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:34

IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663.

6.5

CVE-2018-1917

  • EPSS 0.38%
  • Veröffentlicht 02.04.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:35

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784.

8.5

CVE-2018-1701

  • EPSS 0.26%
  • Veröffentlicht 15.02.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:13

IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970.

9.1

CVE-2018-1727

  • EPSS 0.42%
  • Veröffentlicht 15.02.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:15

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory r...

5.5

CVE-2018-1518

  • EPSS 0.01%
  • Veröffentlicht 18.10.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:57

IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682.

7.8

CVE-2017-1350

  • EPSS 0.07%
  • Veröffentlicht 05.06.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:21:45

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. IBM X-Force ID: 126526.

6.1

CVE-2018-1432

  • EPSS 0.09%
  • Veröffentlicht 05.06.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:48

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker coul...

5.9

CVE-2018-1454

  • EPSS 0.31%
  • Veröffentlicht 05.06.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:51

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sens...

5.5

CVE-2016-0250

  • EPSS 0.26%
  • Veröffentlicht 12.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 02:41:21

XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-...