49 matches found
CVE-2025-25046
IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques...
CVE-2025-25046
IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques...
PT-2025-17675 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue concerns the transmission of sensitive information via URL or query parameters, which could be exposed to an unauthorized actor using man-in-the-middle techniques...
IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer Unspecified Vulnerability (CNVD-2025-05561)
IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer are both products of International Business Machines IBM.IBM InfoSphere Information Server is a data integration platform. The platform can be used to integrate data information obtained from various sources.IBM InfoSphe...
CVE-2023-23472
IBM InfoSphere DataStage Flow Designer InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system...
CVE-2023-23472 IBM InfoSphere Information Server information disclosure
IBM InfoSphere DataStage Flow Designer InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system...
CVE-2023-23472 IBM InfoSphere Information Server information disclosure
IBM InfoSphere DataStage Flow Designer InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information that could aid in further attacks against the system...
IBM InfoSphere Information Server和IBM InfoSphere DataStage Flow Designer 安全漏洞
IBM InfoSphere Information Server and IBM InfoSphere DataStage Flow Designer are both products of International Business Machines IBM.IBM InfoSphere Information Server is a data integration platform. The platform can be used to integrate data information obtained from various sources.IBM InfoSphe...
Security Bulletin: IBM DataStage Flow Designer is vulnerable to information disclosure (CVE-2024-40704)
Summary An information disclosure vulnerability in DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2024-40704 DESCRIPTION: IBM DataStage Flow Designer could allow a privileged user to obtain sensitive information from authentication request headers. CVSS Base score: 4.9 CVS...
CVE-2023-35898
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352...
CVE-2023-35898
IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: 259352...
PT-2023-25370 · Ibm · Ibm Infosphere Information Server +1
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue is related to an insecure security configuration in InfoSphere Data Flow Designer, which could allow an authenticated user to obtain sensitive information. Recommendations:...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Eclipse Jetty (CVE-2023-26048)
Summary A vulnerability in Eclipse Jetty used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-26048 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an out of memory flaw in the HttpServletRequest.getParameter or...
Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability (CVE-2023-35898)
Summary DataStage Flow Designer is an internal component of IBM InfoSphere Information Server. An information disclosure vulnerability in the DataStage Flow Designer was addressed. Vulnerability Details CVEID:CVE-2023-35898 DESCRIPTION: IBM InfoSphere Information Server could allow an authenticat...
IBM InfoSphere DataStage Flow Designer 命令注入漏洞
IBM InfoSphere DataStage Flow Designer is a Web-based data stage flow designer from International Business Machines IBM. A command injection vulnerability exists in IBM InfoSphere DataStage Flow Designer version 11.7 that stems from vulnerability to a command injection vulnerability...
CVE-2021-29738
IBM InfoSphere Data Flow Designer IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force...
CVE-2021-29738
IBM InfoSphere Data Flow Designer IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force...
CVE-2021-29737
IBM InfoSphere Data Flow Designer Engine IBM InfoSphere Information Server 11.7 component has improper validation of the REST API server certificate. IBM X-Force ID: 201301...
Server side request forgery (ssrf)
IBM InfoSphere Data Flow Designer IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force...
CVE-2021-29738
IBM InfoSphere Data Flow Designer IBM InfoSphere Information Server 11.7 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force...