45 matches found
CVE-2025-25045
IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message is returned in a request. This information could be used in further attacks against the system...
CVE-2024-55895
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...
CVE-2024-51459 IBM InfoSphere Server Information command execution
IBM InfoSphere Information Server 11.7 could allow a local user to execute privileged commands due to the improper handling of permissions...
CVE-2024-52901
IBM InfoSphere Information Server 11.7 could allow an authenticated user to GUI to not load or stop working due to improper input validation...
CVE-2024-40690
IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 29772...
CVE-2024-40690
IBM InfoSphere Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 29772...
PT-2024-28986 · Ibm · Ibm Infosphere Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Server version 11.7 Description: The issue allows an authenticated user to embed arbitrary JavaScript code in the Web UI, altering the intended functionality and potentially leading to credentials disclosure within a trusted...
CVE-2023-35022
IBM InfoSphere Information Server 11.7 could allow a local user to update projects that they do not have the authorization to access. IBM X-Force ID: 258254...
CVE-2023-42009
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265504...
CVE-2023-40699
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161...
CVE-2023-43015
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064...
The vulnerability in the web interface of the IBM InfoSphere Information Server’s data integration software allows a perpetrator to execute arbitrary JavaScript code and gain unauthorized access to protected information.
The vulnerability of the web interface of the IBM InfoSphere Information Server software integration platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code and gain...
IBM InfoSphere Information Server 跨站脚本漏洞
IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. A cross-site scripting vulnerability exists in IBM InfoSphere Information Server version 11.7, which can be...
CVE-2021-29712
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 200966...
IBM InfoSphere Information Server Cross-Site Request Forgery Vulnerability (CNVD-2020-31093)
IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. A cross-site request forgery vulnerability exists in IBM InfoSphere Information Server. An attacker could...
CVE-2020-4384
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-For...
Multiple IBM products open to redirection vulnerabilities (CNVD-2019-39758)
IBM InfoSphere Information Analyzer, InfoSphere Information Governance Catalog, and InfoSphere Information Server on Cloud are products of IBM Corporation of the U.S.A. IBM IBM InfoSphere Information Server on Cloud is a cloud-based data integration platform, and IBM InfoSphere Information...
CVE-2019-4185
IBM InfoSphere Information Server 11.7.1 containers are vulnerable to privilege escalation due to an insecurely configured component. IBM X-Force ID: 158975...
IBM InfoSphere Information Server XML External Entity Injection Vulnerability (CNVD-2019-06353)
IBM InfoSphere Information Server is a set of data integration platforms from IBM in the United States. The platform can be used to integrate data information obtained from various sources. An XML external entity injection vulnerability exists in IBM InfoSphere Information Server, which can be...
CVE-2017-1350
IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. IBM X-Force ID: 126526...