Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
infosphere_information_server vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-24960
IBM InfoSphere Information Server 11.7 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 246333
Ibm Infosphere Information Server 11.7
5.5
CVSSv3
CVE-2023-24964
IBM InfoSphere Information Server 11.7 could allow a local user to obtain sensitive information from a log files. IBM X-Force ID: 246463.
Ibm Infosphere Information Server 11.7
7.8
CVSSv3
CVE-2022-35717
"IBM InfoSphere Information Server 11.7 could allow a locally authenticated malicious user to execute arbitrary commands on the system by sending a specially crafted request. IBM X-"Force ID: 231361.
Ibm Infosphere Information Server 11.7
8.8
CVSSv3
CVE-2021-29888
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an malicious user to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 207123.
Ibm Infosphere Information Server 11.7
9.8
CVSSv3
CVE-2022-22425
"IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 223598."
Ibm Infosphere Information Server 11.7
5.3
CVSSv3
CVE-2021-29681
IBM InfoSphere Information Server 11.7 could allow an malicious user to obtain sensitive information by injecting parameters into an HTML query. This information could be used in further attacks against the system. IBM X-Force ID: 199918.
Ibm Infosphere Information Server 11.7
6.1
CVSSv3
CVE-2021-29712
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Fo...
Ibm Infosphere Information Server 11.7
7.5
CVSSv3
CVE-2021-29737
IBM InfoSphere Data Flow Designer Engine (IBM InfoSphere Information Server 11.7 ) component has improper validation of the REST API server certificate. IBM X-Force ID: 201301.
Ibm Infosphere Information Server 11.7
5.4
CVSSv3
CVE-2021-29738
IBM InfoSphere Data Flow Designer (IBM InfoSphere Information Server 11.7 ) is vulnerable to server-side request forgery (SSRF). This may allow an authenticated malicious user to send unauthorized requests from the system, potentially leading to network enumeration or facilitatin...
Ibm Infosphere Information Server 11.7
7.5
CVSSv3
CVE-2021-29747
IBM InfoSphere Information Server 11.7 could allow a remote malicious user to obtain highly sensitive information due to a vulnerability in the authentication mechanism. IBM X-Force ID: 201775.
Ibm Infosphere Information Server 11.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »