Ibm

Infosphere Information Server

172 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.2

CVE-2021-29827

  • EPSS 0.03%
  • Veröffentlicht 19.12.2024 00:15:04
  • Zuletzt bearbeitet 12.03.2025 17:43:30

IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ac...

6.5

CVE-2024-52901

  • EPSS 0.1%
  • Veröffentlicht 12.12.2024 16:15:54
  • Zuletzt bearbeitet 07.01.2025 18:16:58

IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation.

4.3

CVE-2024-51460

  • EPSS 0.11%
  • Veröffentlicht 11.12.2024 13:15:06
  • Zuletzt bearbeitet 14.01.2025 19:40:36

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system.

6.5

CVE-2023-23472

  • EPSS 0.13%
  • Veröffentlicht 11.12.2024 13:15:05
  • Zuletzt bearbeitet 11.03.2025 17:24:19

IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.

4.9

CVE-2024-40704

  • EPSS 0.05%
  • Veröffentlicht 15.08.2024 17:15:17
  • Zuletzt bearbeitet 15.08.2024 20:03:13

IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277.

6.5

CVE-2024-40705

  • EPSS 0.09%
  • Veröffentlicht 15.08.2024 17:15:17
  • Zuletzt bearbeitet 15.08.2024 19:57:34

IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279.

4.3

CVE-2024-39751

  • EPSS 0.09%
  • Veröffentlicht 06.08.2024 16:15:48
  • Zuletzt bearbeitet 29.08.2024 16:56:32

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-For...

9.8

CVE-2024-40689

  • EPSS 0.18%
  • Veröffentlicht 26.07.2024 14:15:02
  • Zuletzt bearbeitet 21.11.2024 09:31:28

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. IBM X-Force ID...

4.6

CVE-2024-37533

  • EPSS 0.04%
  • Veröffentlicht 24.07.2024 18:15:04
  • Zuletzt bearbeitet 21.11.2024 09:24:01

IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727.

5.4

CVE-2024-40690

  • EPSS 0.24%
  • Veröffentlicht 12.07.2024 18:15:02
  • Zuletzt bearbeitet 21.11.2024 09:31:28

IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure ...