Ibm

Infosphere Information Server

169 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-23472

  • EPSS 0.17%
  • Published 11.12.2024 13:15:05
  • Last modified 11.03.2025 17:24:19

IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.

4.9

CVE-2024-40704

  • EPSS 0.05%
  • Published 15.08.2024 17:15:17
  • Last modified 15.08.2024 20:03:13

IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277.

6.5

CVE-2024-40705

  • EPSS 0.09%
  • Published 15.08.2024 17:15:17
  • Last modified 15.08.2024 19:57:34

IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279.

4.3

CVE-2024-39751

  • EPSS 0.05%
  • Published 06.08.2024 16:15:48
  • Last modified 29.08.2024 16:56:32

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-For...

9.8

CVE-2024-40689

  • EPSS 0.07%
  • Published 26.07.2024 14:15:02
  • Last modified 21.11.2024 09:31:28

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. IBM X-Force ID...

4.6

CVE-2024-37533

  • EPSS 0.04%
  • Published 24.07.2024 18:15:04
  • Last modified 21.11.2024 09:24:01

IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727.

5.4

CVE-2024-40690

  • EPSS 0.17%
  • Published 12.07.2024 18:15:02
  • Last modified 21.11.2024 09:31:28

IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure ...

5.4

CVE-2023-50964

  • EPSS 0.08%
  • Published 30.06.2024 19:15:02
  • Last modified 21.11.2024 08:37:37

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

5.4

CVE-2024-28794

  • EPSS 0.2%
  • Published 30.06.2024 19:15:02
  • Last modified 21.11.2024 09:06:56

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

5.4

CVE-2024-28797

  • EPSS 0.2%
  • Published 30.06.2024 18:15:03
  • Last modified 21.11.2024 09:06:56

IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...