Ibm

Infosphere Information Server

174 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2023-35898

  • EPSS 0.07%
  • Veröffentlicht 19.07.2023 01:15:10
  • Zuletzt bearbeitet 21.11.2024 08:08:56

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352.

5.3

CVE-2023-33857

  • EPSS 0.05%
  • Veröffentlicht 17.07.2023 00:15:09
  • Zuletzt bearbeitet 21.11.2024 08:06:05

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: 257695.

9.8

CVE-2023-32336

  • EPSS 0.26%
  • Veröffentlicht 22.05.2023 01:15:42
  • Zuletzt bearbeitet 21.11.2024 08:03:08

IBM InfoSphere Information Server 11.7 is affected by a remote code execution vulnerability due to insecure deserialization in an RMI service. IBM X-Force ID: 255285.

5.4

CVE-2023-28529

  • EPSS 0.13%
  • Veröffentlicht 19.05.2023 16:15:14
  • Zuletzt bearbeitet 21.11.2024 07:55:17

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosu...

9.8

CVE-2022-47984

  • EPSS 0.07%
  • Veröffentlicht 19.05.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:32:40

IBM InfoSphere Information Server 11.7 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID:...

5.5

CVE-2023-22878

  • EPSS 0.01%
  • Veröffentlicht 19.05.2023 16:15:10
  • Zuletzt bearbeitet 21.11.2024 07:45:34

IBM InfoSphere Information Server 11.7 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 244373.

7.5

CVE-2023-30441

  • EPSS 0.05%
  • Veröffentlicht 29.04.2023 15:15:18
  • Zuletzt bearbeitet 21.11.2024 08:00:11

IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.

5.4

CVE-2023-25928

  • EPSS 0.38%
  • Veröffentlicht 21.02.2023 14:15:13
  • Zuletzt bearbeitet 21.11.2024 07:50:26

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure with...

7.5

CVE-2023-24960

  • EPSS 0.44%
  • Veröffentlicht 17.02.2023 19:15:11
  • Zuletzt bearbeitet 21.11.2024 07:48:51

IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-For...

5.5

CVE-2023-24964

  • EPSS 0.02%
  • Veröffentlicht 17.02.2023 17:15:11
  • Zuletzt bearbeitet 21.11.2024 07:48:51

IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. IBM X-Force ID: 246463.