IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2023-91225)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server version 11.7...

CVE-2023-28937

DataSpider Servista version 4.4 and earlier uses a hard-coded cryptographic key. DataSpider Servista is data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and...

PT-2023-22047 · Unknown · Scriptrunner For Amazon Sqs +2

Name of the Vulnerable Software and Affected Versions: DataSpider Servista versions 4.4 and earlier Description: The issue concerns the use of a hard-coded cryptographic key in DataSpider Servista, which is data integration software. This key is embedded in ScriptRunner and ScriptRunner for Amazo...

JVN#38222042: DataSpider Servista uses a hard-coded cryptographic key

DataSpider Servista provided by SAISON INFORMATION SYSTEMS CO.,LTD. is a data integration software. ScriptRunner and ScriptRunner for Amazon SQS are used to start the configured processes on DataSpider Servista. The cryptographic key is embedded in ScriptRunner and ScriptRunner for Amazon SQS,...

Apache InLong Elevation of Privilege Vulnerability

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. An elevation of privilege vulnerability exists in Apache InLong versions 1.2.0 through 1.6.0, which can be exploited by an attacker to elevate privileges...

Apache InLong Security Bypass Vulnerability (CNVD-2023-42960)

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. A security bypass vulnerability exists in Apache InLong versions 1.4.0 through 1.6.0. An attacker can exploit the vulnerability to change the immutable name and type of an InLong cluster...

Apache InLong Information Disclosure Vulnerability (CNVD-2023-42964)

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. An information disclosure vulnerability exists in Apache InLong versions 1.5.0 through 1.6.0, which can be exploited by attackers to obtain sensitive information...

Apache InLong Security Bypass Vulnerability (CNVD-2023-42962)

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. A security bypass vulnerability exists in Apache InLong versions 1.2.0 through 1.6.0, which can be exploited by an attacker to cancel an application...

Apache InLong Code Execution Vulnerability

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. A code execution vulnerability exists in Apache InLong versions 1.4.0 through 1.6.0, which can be exploited by an attacker to execute arbitrary code on a system...

Apache InLong Authorization Issues Vulnerability

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. An authorization issue vulnerability exists in Apache InLong versions 1.2.0 through 1.6.0. The vulnerability stems from improper privilege management. An attacker can exploit the vulnerabili...

IBM InfoSphere Information Server SQL Injection Vulnerability (CNVD-2023-41889)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An SQL injection vulnerability exists in IBM InfoSphere Information Server version 11.7, which...

IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2023-41891)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server version 11.7...

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2023-41890)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7,...

Apache InLong SQL Injection Vulnerability

Apache InLong is the United States Apache Apache Foundation's one-stop massive data integration framework. Apache InLong suffers from a SQL injection vulnerability. An attacker can exploit the vulnerability to view, add, modify, or delete information in a back-end database...

Apache InLong Deserialization Vulnerability (CNVD-2023-25936)

Apache InLong is the U.S. Apache Apache Foundation's one-stop massive data integration framework. Provides automated, secure and reliable data transfer capabilities. A deserialization vulnerability exists in Apache InLong versions 1.1.0 to 1.5.0. The vulnerability stems from unsafe deserializatio...

The vulnerability in the web interface of the IBM InfoSphere Information Server’s data integration software allows a perpetrator to execute arbitrary JavaScript code and gain unauthorized access to the protected resources.

The vulnerability of the web interface of the IBM InfoSphere Information Server software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code and gain...

IBM InfoSphere Information Server Directory Traversal Vulnerability

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A directory traversal vulnerability exists in IBM InfoSphere Information Server version 11.7,...

IBM Infosphere Information Server Cross-Site Scripting Vulnerability (CNVD-2023-08069)

IBM InfoSphere Information Server is a data integration platform from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM Infosphere Information Server version 11.7, which stems from the presence of cross-site scripting that could be exploited by an attacker to...

IBM InfoSphere Information Server Cross-Site Scripting Vulnerability (CNVD-2023-07922)

IBM InfoSphere Information Server is a data integration platform from International Business Machines Corporation IBM. IBM InfoSphere Information Server version 11.7 contains a cross-site scripting vulnerability that allows users to embed arbitrary JavaScript code in the Web UI via cross-site...

IBM InfoSphere Information Server Denial of Service Vulnerability (CNVD-2023-91228)

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. A denial of service vulnerability exists in IBM InfoSphere Information Server version 11.7, whic...