27 matches found
CVE-2026-9836 IBM DataStage Flow Designer application is affected by an information disclosure vulnerability
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability...
CVE-2026-9836
IBM InfoSphere Information Server 11.7.0.0–11.7.1.6 is affected by CVE-2026-9836, an information-disclosure vulnerability in the DataStage Flow Designer application (CWE-200). Reported base score varies by source (NVD lists 7.5 HIGH overall but IBM notes a CVSS v3.1 base score of 3.5, LOW). The u...
CVE-2025-36422
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
EUVD-2025-209025
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36422
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36422
IBM InfoSphere Information Server (11.7.0.0–11.7.1.6), specifically DataStage Flow Designer, is affected by CVE-2025-36422: Cross-Site Request Forgery that could allow an attacker to perform malicious actions via a trusted user session. The vulnerability has a CVSS v3.1 base score of 4.3 (Medium)...
CVE-2025-36422
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
CVE-2025-36422 IBM InfoSphere Information Server is vulnerable to cross-site request forgery
IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts...
Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site request forgery (CVE-2025-36422)
Summary A cross-site request forgery vulnerability was addressed in IBM InfoSphere Information Server. Vulnerability Details CVEID:CVE-2025-36422 DESCRIPTION: IBM InfoSphere DataStage Flow Designer is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and...
CVE-2025-36034
IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques...
CVE-2025-36034 IBM InfoSphere DataStage Flow Designer information disclosure
IBM InfoSphere DataStage Flow Designer in IBM InfoSphere Information Server 11.7 discloses sensitive user information in API requests in clear text that could be intercepted using man in the middle techniques...
IBM InfoSphere DataStage Flow Designer 安全漏洞
IBM InfoSphere DataStage Flow Designer is a Web-based data stage flow designer from International Business Machines IBM. A security vulnerability exists in IBM InfoSphere DataStage Flow Designer that stems from the explicit transmission of sensitive information in API requests, which could lead t...
IBM InfoSphere Information Server Multiple Vulnerabilities (April 2025)
The version of IBM InfoSphere Information Server installed on the remote host is 11.7.x prior or equal to 11.7.1.6. It is, therefore, potentially affected by multiple vulnerabilities: - IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an...
CVE-2025-25046
IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques...
CVE-2025-25046
IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques...
CVE-2025-25046
IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques...
PT-2025-17675 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue concerns the transmission of sensitive information via URL or query parameters, which could be exposed to an unauthorized actor using man-in-the-middle techniques...
IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer Unspecified Vulnerability (CNVD-2025-05561)
IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer are both products of International Business Machines IBM.IBM InfoSphere Information Server is a data integration platform. The platform can be used to integrate data information obtained from various sources.IBM InfoSphe...
CVE-2023-23472 IBM InfoSphere Information Server information disclosure
IBM InfoSphere DataStage Flow Designer InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system...
CVE-2023-23472 IBM InfoSphere Information Server information disclosure
IBM InfoSphere DataStage Flow Designer InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system...