Ibm

Infosphere Information Server

174 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2024-40706

  • EPSS 0.07%
  • Veröffentlicht 24.01.2025 16:15:36
  • Zuletzt bearbeitet 11.03.2025 17:58:30

IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version information that could aid in further attacks against the system.

7.5

CVE-2024-52363

  • EPSS 0.06%
  • Veröffentlicht 17.01.2025 02:15:25
  • Zuletzt bearbeitet 11.03.2025 17:53:21

IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system.

5.2

CVE-2021-29827

  • EPSS 0.04%
  • Veröffentlicht 19.12.2024 00:15:04
  • Zuletzt bearbeitet 12.03.2025 17:43:30

IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ac...

6.5

CVE-2024-52901

  • EPSS 0.11%
  • Veröffentlicht 12.12.2024 16:15:54
  • Zuletzt bearbeitet 07.01.2025 18:16:58

IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation.

4.3

CVE-2024-51460

  • EPSS 0.11%
  • Veröffentlicht 11.12.2024 13:15:06
  • Zuletzt bearbeitet 14.01.2025 19:40:36

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system.

6.5

CVE-2023-23472

  • EPSS 0.11%
  • Veröffentlicht 11.12.2024 13:15:05
  • Zuletzt bearbeitet 11.03.2025 17:24:19

IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system.

4.9

CVE-2024-40704

  • EPSS 0.06%
  • Veröffentlicht 15.08.2024 17:15:17
  • Zuletzt bearbeitet 15.08.2024 20:03:13

IBM InfoSphere Information Server 11.7 could allow a privileged user to obtain sensitive information from authentication request headers. IBM X-Force ID: 298277.

6.5

CVE-2024-40705

  • EPSS 0.09%
  • Veröffentlicht 15.08.2024 17:15:17
  • Zuletzt bearbeitet 15.08.2024 19:57:34

IBM InfoSphere Information Server could allow an authenticated user to consume file space resources due to unrestricted file uploads. IBM X-Force ID: 298279.

4.3

CVE-2024-39751

  • EPSS 0.09%
  • Veröffentlicht 06.08.2024 16:15:48
  • Zuletzt bearbeitet 29.08.2024 16:56:32

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-For...

9.8

CVE-2024-40689

  • EPSS 0.14%
  • Veröffentlicht 26.07.2024 14:15:02
  • Zuletzt bearbeitet 21.11.2024 09:31:28

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. IBM X-Force ID...