Lucene search
K

27 matches found

Cvelist
Cvelist
added 5 days ago36 views

CVE-2026-9836 IBM DataStage Flow Designer application is affected by an information disclosure vulnerability

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...

3.5CVSS0.00241EPSS
Exploits0References1
CVE
CVE
added 5 days ago19 views

CVE-2026-9836

IBM InfoSphere Information Server 11.7.0.0–11.7.1.6 is affected by CVE-2026-9836, an information-disclosure vulnerability in the DataStage Flow Designer application (CWE-200). Reported base score varies by source (NVD lists 7.5 HIGH overall but IBM notes a CVSS v3.1 base score of 3.5, LOW). The u...

7.5CVSS5.8AI score0.00241EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/26 11:3 p.m.5 views

CVE-2025-36422

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

4.3CVSS5.7AI score0.00139EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 9:30 p.m.6 views

EUVD-2025-209025

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

4.3CVSS5.7AI score0.00139EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 9:16 p.m.4 views

CVE-2025-36422

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

4.3CVSS0.00139EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 8:26 p.m.8 views

CVE-2025-36422

IBM InfoSphere Information Server (11.7.0.0–11.7.1.6), specifically DataStage Flow Designer, is affected by CVE-2025-36422: Cross-Site Request Forgery that could allow an attacker to perform malicious actions via a trusted user session. The vulnerability has a CVSS v3.1 base score of 4.3 (Medium)...

4.3CVSS5.7AI score0.00139EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/25 8:26 p.m.2 views

CVE-2025-36422

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

4.3CVSS5.7AI score0.00139EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/03/25 8:26 p.m.21 views

CVE-2025-36422 IBM InfoSphere Information Server is vulnerable to cross-site request forgery

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...

4.3CVSS0.00139EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/03/24 4:45 p.m.3 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site request forgery (CVE-2025-36422)

Summary A cross-site request forgery vulnerability was addressed in IBM InfoSphere Information Server. Vulnerability Details CVEID:CVE-2025-36422 DESCRIPTION: IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...

4.3CVSS5.7AI score0.00139EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/06/26 4:15 p.m.5 views

CVE-2025-36034

IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques...

5.9CVSS5.8AI score0.00141EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/26 3:14 p.m.8 views

CVE-2025-36034 IBM InfoSphere DataStage Flow Designer information disclosure

IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques...

5.3CVSS0.00141EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/26 12:0 a.m.5 views

IBM InfoSphere DataStage Flow Designer 安全漏洞

IBM InfoSphere DataStage Flow Designer is a Web-based data stage flow designer from International Business Machines IBM. A security vulnerability exists in IBM InfoSphere DataStage Flow Designer that stems from the explicit transmission of sensitive information in API requests, which could lead t...

5.9CVSS6.1AI score0.00141EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/02 12:0 a.m.14 views

IBM InfoSphere Information Server Multiple Vulnerabilities (April 2025)

The version of IBM InfoSphere Information Server installed on the remote host is 11.7.x prior or equal to 11.7.1.6. It is, therefore, potentially affected by multiple vulnerabilities: - IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an...

6.3CVSS5.5AI score0.00239EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/04/26 9:13 a.m.20 views

CVE-2025-25046

IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques...

3.7CVSS6.3AI score0.00144EPSS
Exploits0References1
NVD
NVD
added 2025/04/23 11:15 p.m.30 views

CVE-2025-25046

IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques...

3.7CVSS0.00144EPSS
Exploits0References1
OSV
OSV
added 2025/04/23 11:15 p.m.5 views

CVE-2025-25046

IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques...

3.7CVSS5.8AI score0.00144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/23 12:0 a.m.4 views

PT-2025-17675 · Ibm · Ibm Infosphere Information Server

Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue concerns the transmission of sensitive information via URL or query parameters, which could be exposed to an unauthorized actor using man-in-the-middle techniques...

3.7CVSS5.7AI score0.00144EPSS
Exploits0References8
CNVD
CNVD
added 2025/03/19 12:0 a.m.6 views

IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer Unspecified Vulnerability (CNVD-2025-05561)

IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer are both products of International Business Machines IBM.IBM InfoSphere Information Server is a data integration platform. The platform can be used to integrate data information obtained from various sources.IBM InfoSphe...

6.5CVSS6.3AI score0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/11 12:14 p.m.33 views

CVE-2023-23472 IBM InfoSphere Information Server information disclosure

IBM InfoSphere DataStage Flow Designer InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system...

3.1CVSS0.00336EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/11 12:14 p.m.24 views

CVE-2023-23472 IBM InfoSphere Information Server information disclosure

IBM InfoSphere DataStage Flow Designer InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system...

3.1CVSS6AI score0.00336EPSS
Exploits0References1
Rows per page
Query Builder