CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9000

IBM InfoSphere DataStage is vulnerable to cross-frame scripting, caused by insufficient HTML iframe protection. A remote attacker could exploit this vulnerability using a specially-crafted URL to navigate to a web page the attacker controls. An attacker could use this vulnerability to conduct clickjacking or other client-side browser attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

Products affected by CVE-2016-9000

Ibm » Infosphere Datastage » Version: 11.3

cpe:2.3:a:ibm:infosphere_datastage:11.3
Ibm » Infosphere Datastage » Version: 11.5

cpe:2.3:a:ibm:infosphere_datastage:11.5
Ibm » Infosphere Datastage » Version: 8.7

cpe:2.3:a:ibm:infosphere_datastage:8.7
Ibm » Infosphere Datastage » Version: 9.1

cpe:2.3:a:ibm:infosphere_datastage:9.1
Ibm » Infosphere Information Server On Cloud » Version: 11.5

cpe:2.3:a:ibm:infosphere_information_server_on_cloud:11.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-9000

Products

Pricing

Contact Us