Lucene search

K

InfoSphere Information Governance Catalog Security Vulnerabilities

cve
cve

CVE-2019-4237

A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7 can allow an attacker to load the vulnerable application inside an HTML iframe tag on a malicious page. IBM X-Force ID:...

5.4CVSS

5.1AI Score

0.001EPSS

2019-07-01 03:15 PM
29
cve
cve

CVE-2018-1845

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID:...

7.1CVSS

6.8AI Score

0.001EPSS

2019-06-17 03:15 PM
45
cve
cve

CVE-2019-4257

IBM InfoSphere Information Server 11.5 and 11.7 is affected by an information disclosure vulnerability. Sensitive information in an error message may be used to conduct further attacks against the system. IBM X-Force ID:...

4.3CVSS

4.2AI Score

0.001EPSS

2019-06-06 09:29 PM
177
cve
cve

CVE-2018-1875

IBM InfoSphere Information Governance Catalog 11.3, 11.5, and 11.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed...

7.4CVSS

5.8AI Score

0.001EPSS

2019-03-05 06:29 PM
25
cve
cve

CVE-2018-1899

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an attacker to change one of the settings related to InfoSphere Business Glossary Anywhere due to improper access control. IBM X-Force ID:...

4.3CVSS

4.4AI Score

0.0005EPSS

2019-03-05 06:29 PM
19
cve
cve

CVE-2018-1895

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM...

5.4CVSS

5.2AI Score

0.001EPSS

2019-02-15 08:29 PM
25
cve
cve

CVE-2016-0250

XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-Force ID:...

5.4CVSS

5.3AI Score

0.001EPSS

2018-03-12 09:29 PM
20
cve
cve

CVE-2016-0280

Cross-site scripting (XSS) vulnerability in IBM Information Server Framework 8.5, Information Server Framework and InfoSphere Information Server Business Glossary 8.7 before FP2, Information Server Framework and InfoSphere Information Server Business Glossary 9.1 before 9.1.2.0, Information Server....

5.4CVSS

4.9AI Score

0.001EPSS

2016-08-08 01:59 AM
17