Ibm

Infosphere Information Server

174 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2018-1845

  • EPSS 0.57%
  • Veröffentlicht 17.06.2019 15:15:12
  • Zuletzt bearbeitet 21.11.2024 04:00:29

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resour...

8.3

CVE-2019-4185

  • EPSS 0.21%
  • Veröffentlicht 06.06.2019 01:29:00
  • Zuletzt bearbeitet 21.11.2024 04:43:17

IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975.

5.4

CVE-2019-4238

  • EPSS 0.17%
  • Veröffentlicht 25.04.2019 15:29:01
  • Zuletzt bearbeitet 21.11.2024 04:43:21

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

6.5

CVE-2018-1906

  • EPSS 0.34%
  • Veröffentlicht 02.04.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:34

IBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663.

6.5

CVE-2018-1917

  • EPSS 0.33%
  • Veröffentlicht 02.04.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:35

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784.

8.5

CVE-2018-1701

  • EPSS 0.26%
  • Veröffentlicht 15.02.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:13

IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server. IBM X-Force ID: 145970.

9.1

CVE-2018-1727

  • EPSS 0.42%
  • Veröffentlicht 15.02.2019 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:15

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory r...

5.5

CVE-2018-1518

  • EPSS 0.01%
  • Veröffentlicht 18.10.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:57

IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682.

7.8

CVE-2017-1350

  • EPSS 0.07%
  • Veröffentlicht 05.06.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:21:45

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. IBM X-Force ID: 126526.

6.1

CVE-2018-1432

  • EPSS 0.09%
  • Veröffentlicht 05.06.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:48

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker coul...