Lucene search
+L

11 matches found

IBM Security Bulletins
IBM Security Bulletins
•added 2024/09/10 6:44 p.m.•18 views

Security Bulletin: IBM InfoSphere Information Server is affected by a denial of service vulnerability in Undertow (CVE-2024-6162)

Summary A denial of service vulnerability in Undertow that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-6162 DESCRIPTION: Undertow is vulnerable to a denial of service, caused by a flaw with URL-encoded request path information can be broken for...

7.5CVSS7.4AI score0.01702EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2024/08/05 7:50 p.m.•28 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Connect2id Nimbus-JOSE-JWT ( CVE-2023-52428)

Summary A vulnerability in Connect2id Nimbus-JOSE-JWT that is used by the JDBC driver in InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-52428 DESCRIPTION: Connect2id Nimbus-JOSE-JWT is vulnerable to a denial of service, caused by improper validation of user...

7.5CVSS9.2AI score0.00814EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/11/28 10:27 p.m.•33 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Google Guava (CVE-2023-2976)

Summary A vulnerability in Google Guava used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-2976 DESCRIPTION: Google Guava could allow a local authenticated attacker to obtain sensitive information, caused by a flaw with using Java's default temporary...

7.1CVSS5.5AI score0.00248EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/09/25 11:13 p.m.•45 views

Security Bulletin: IBM InfoSphere Information Server is vulnerable to OS command injection (CVE-2022-35717)

Summary An OS command injection vulnerability in InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2022-35717 DESCRIPTION: IBM InfoSphere Information Server 11.7 could allow a locally authenticated attacker to execute arbitrary commands on the system by sending a...

7.8CVSS8.1AI score0.00564EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/07/20 4:52 p.m.•38 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in VMware Tanzu Spring Security (CVE-2023-20862)

Summary A vulnerability in VMware Tanzu Spring Security used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-20862 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security restrictions, caused by the logout support feature...

6.3CVSS6.5AI score0.00648EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/07/20 4:33 p.m.•39 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in VMware Tanzu Spring Framework (CVE-2023-20863)

Summary A vulnerability in VMware Tanzu Spring Framework used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-20863 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially...

6.5CVSS6.5AI score0.01122EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/05/17 9:22 p.m.•64 views

Security Bulletin: IBM InfoSphere Information Server is affected but not classified as vulnerable to a code execution vulnerability in Apache Kafka (CVE-2023-25194)

Summary A code execution vulnerability in Apache Kafka used byIBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2023-25194 DESCRIPTION: Apache Kafka could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe...

8.8CVSS8.9AI score0.95302EPSS
Exploits8Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/12/07 5:39 p.m.•23 views

Security Bulletin: IBM InfoSphere DataStage Flow Designer is vulnerable due to improper certificate validation

Summary A vulnerability due to improper certificate validation in IBM InfoSphere DataStage Flow Designer was addressed. Vulnerability Details CVEID: CVE-2021-29737 DESCRIPTION: IBM InfoSphere Data Flow Designer Engine component has improper validation of the REST API server certificate. CVSS Base...

7.5CVSS7AI score0.00671EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/07/08 7:42 p.m.•76 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Apache Commons IO

Summary A vulnerability in Apache Commons IO that is used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID: CVE-2021-29425 DESCRIPTION: Apache Commons IO could allow a remote attacker to traverse directories on the system, caused by improper input validation by the...

5.8CVSS1.5AI score0.10608EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
•added 2021/05/14 7:56 p.m.•28 views

Security Bulletin: IBM InfoSphere DataStage is affected by an Information disclosure vulnerability

Summary An Information disclosure vulnerability in IBM InfoSphere DataStage was addressed. Vulnerability Details CVEID: CVE-2021-29747 DESCRIPTION: IBM InfoSphere Information Server could allow a remote attacker to obtain highly sensitive information due to a vulnerability in the authentication...

7.5CVSS0.2AI score0.01918EPSS
Exploits0Affected Software1
Cvelist
Cvelist
•added 2020/03/10 11:55 a.m.•20 views

CVE-2020-4162

IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS5.2AI score0.00561EPSS
Exploits0References2
Rows per page
Query Builder