Ibm

Infosphere Information Server

188 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-14790

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 25.03.2026 20:16:22
  • Zuletzt bearbeitet 30.03.2026 16:59:59

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information due to insufficiently protected credentials.

5.4

CVE-2025-14912

  • EPSS 0.03%
  • Veröffentlicht 25.03.2026 20:13:12
  • Zuletzt bearbeitet 26.03.2026 18:22:01

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or fac...

6.5

CVE-2025-14810

  • EPSS 0.03%
  • Veröffentlicht 25.03.2026 20:11:21
  • Zuletzt bearbeitet 26.03.2026 18:22:50

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 does not invalidate a session after privileges have been modified which could allow an authenticated user to retain access to sensitive information. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/...

3.1

CVE-2025-14808

  • EPSS 0.03%
  • Veröffentlicht 25.03.2026 20:09:38
  • Zuletzt bearbeitet 26.03.2026 18:23:13

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques.

7.5

CVE-2026-1567

  • EPSS 0.01%
  • Veröffentlicht 03.03.2026 20:40:06
  • Zuletzt bearbeitet 05.03.2026 21:29:11

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 An XML External Entity (XXE) vulnerability in IBM InfoSphere Information Server could allow attackers to retrieve sensitive information from the server.

5.3

CVE-2026-1265

  • EPSS 0.04%
  • Veröffentlicht 03.03.2026 19:42:08
  • Zuletzt bearbeitet 04.03.2026 17:36:29

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to writing of sensitive Information in a log file.

4.3

CVE-2025-12832

  • EPSS 0.02%
  • Veröffentlicht 08.12.2025 21:46:55
  • Zuletzt bearbeitet 10.12.2025 23:58:11

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or fac...

9.1

CVE-2025-12531

  • EPSS 0.1%
  • Veröffentlicht 03.11.2025 19:47:40
  • Zuletzt bearbeitet 05.11.2025 15:16:17

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory ...

7.8

CVE-2025-33003

  • EPSS 0.01%
  • Veröffentlicht 31.10.2025 13:15:33
  • Zuletzt bearbeitet 05.11.2025 19:52:28

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could allow a non-root user to gain higher privileges/capabilities within the scope of a container due to execution with unnecessary privileges.

8.8

CVE-2025-36245

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 29.09.2025 23:15:30
  • Zuletzt bearbeitet 18.10.2025 01:24:24

IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to execute arbitrary commands with elevated privileges on the system due to improper validation of user supplied input.