IBM InfoSphere Data Replication 11.4 and IBM InfoSphere Change Data Capture for z/OS 10.2.1, under certain configurations, could allow a user to bypass authentication mechanisms using an empty password string. IBM X-Force ID:...
9.8CVSS
9.2AI Score
0.003EPSS
Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID:...
6.1CVSS
5.8AI Score
0.001EPSS
SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID:...
9.8CVSS
9.5AI Score
0.001EPSS
Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. IBM X-Force ID:...
7.5CVSS
7.5AI Score
0.003EPSS
The Data Replication Dashboard component in IBM InfoSphere Replication Server 9.7 and 10.x before 10.2.0.0-b113 allows remote attackers to obtain a list of all user accounts, along with information about whether each account requires a password, via unspecified...
6.2AI Score
0.002EPSS
The web server in InfoSphere Data Replication Dashboard in IBM InfoSphere Replication Server 9.7 and 10.1 through 10.1.0.4 allows remote authenticated users to list directories via a direct request for a directory...
6.2AI Score
0.001EPSS