IBMF4A2D80CD543A71A47543CEF719CD019FD94E3408CAEBEDBF4437A038FDA0D12Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability
0.0004 Low
EPSS
Percentile
12.7%
Summary
An information disclosure vulnerability in IBM InfoSphere Information Server was addressed.
Vulnerability Details
CVEID:CVE-2020-4886
**DESCRIPTION:**IBM InfoSphere Information Server stores sensitive information in the browser’s history that could be obtained by a user who has access to the same system.
CVSS Base score: 4
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/190910 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Affected Products and Versions
| Affected Product(s) | Version(s) |
|---|
InfoSphere Information Server,
Information Server on Cloud
| 11.7
Remediation/Fixes
| Product | VRMF | APAR | Remediation/First Fix |
|---|---|---|---|
| InfoSphere Information Server, Information Server on Cloud | 11.7 | JR62831 | --Apply IBM InfoSphere Information Server version 11.7.1.0 |
For Red Hat 8 installations,
Contact IBM Customer Support
else
--Apply IBM InfoSphere Information Server version 11.7.1.1
--Apply Information Server Framework 11.7.1.1 Rollup Patch 2
Contact Technical Support:
In the United States and Canada dial 1-800-IBM-SERV
View the support contacts for other countries outside of the United States.
Electronically open a Service Request with Information Server Technical Support.
Workarounds and Mitigations
None
| CPE | Name | Operator | Version |
|---|---|---|---|
| ibm infosphere information server | eq | 11.7 |
Related
0.0004 Low
EPSS
Percentile
12.7%