Ibm

Infosphere Information Server

172 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2023-32336

  • EPSS 0.19%
  • Veröffentlicht 22.05.2023 01:15:42
  • Zuletzt bearbeitet 21.11.2024 08:03:08

IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285.

5.4

CVE-2023-28529

  • EPSS 0.1%
  • Veröffentlicht 19.05.2023 16:15:14
  • Zuletzt bearbeitet 21.11.2024 07:55:17

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...

9.8

CVE-2022-47984

  • EPSS 0.06%
  • Veröffentlicht 19.05.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:32:40

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID:...

5.5

CVE-2023-22878

  • EPSS 0.01%
  • Veröffentlicht 19.05.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:45:34

IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373.

7.5

CVE-2023-30441

  • EPSS 0.04%
  • Veröffentlicht 29.04.2023 15:15:18
  • Zuletzt bearbeitet 21.11.2024 08:00:11

IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.

5.4

CVE-2023-25928

  • EPSS 0.14%
  • Veröffentlicht 21.02.2023 14:15:13
  • Zuletzt bearbeitet 21.11.2024 07:50:26

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

7.5

CVE-2023-24960

  • EPSS 0.1%
  • Veröffentlicht 17.02.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 07:48:51

IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-For...

5.5

CVE-2023-24964

  • EPSS 0.02%
  • Veröffentlicht 17.02.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 07:48:51

IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. IBM X-Force ID: 246463.

4.6

CVE-2023-23475

  • EPSS 0.21%
  • Veröffentlicht 08.02.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 07:46:16

IBM Infosphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

5.4

CVE-2022-47983

  • EPSS 0.3%
  • Veröffentlicht 01.02.2023 18:15:10
  • Zuletzt bearbeitet 21.11.2024 07:32:39

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...