An Information disclosure vulnerability in IBM InfoSphere Information Server was addressed.
CVEID:CVE-2021-29681
**DESCRIPTION:**IBM InfoSphere Information Server could allow an attacker to obtain sensitive information by injecting parameters into an HTML query. This information could be used in further attacks against the system.
CVSS Base score: 3.1
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/199917 for the current score.
CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Product(s) | Version(s) |
---|---|
InfoSphere Information Server | 11.7 |
Product | VRMF | APAR | Remediation/First Fix |
---|---|---|---|
InfoSphere Information Server, Information Server on Cloud | 11.7 | JR63505 | |
--Apply InfoSphere Information Server version 11.7.1.0
--Apply InfoSphere Information Server version 11.7.1.0 Fix Pack 1
--Apply InfoSphere Information Server 11.7.1.1 Service Pack 1
--Apply InfoSphere Metadata Asset Manager security patch
For Red Hat 8 installations, contact IBM Customer support.
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm infosphere information server | eq | 11.7 |